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Status of This Memo 
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not specify an Internet standard of any kind. Distribution of this 
memo is unlimited. 

Copyright Notice 
Copyright (C) The Internet Society (2005). 

Abstract 
This document gives examples of message bodies formatted using 
S/MIME. Specifically, it has examples of Cryptographic Message 
Syntax (CMS) objects and S/MIME messages (including the MIME 
formatting). It includes examples of many common CMS formats. The 


purpose of this document is to help increase interoperability for 
S/MIME and other protocols that rely on CMS. 
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Les 


Introduction 


The examples in this document show the structure and format of CMS 


message bodies, as described in [CMS]. They are useful to 
implementors who use protocols that rely on CMS, such as the S/MIME 
message format protocol. There are also examples of simple S/MIME 


messages [SMIME-MSG] (including the MIME headers). 


Every example in this document has been checked by two different 
implementors. This strongly indicates (but does not assure) that the 
examples are correct. All CMS implementors must read the CMS 
document carefully before implementing from it. No one should use 
the examples in this document as stand-alone explanations of how to 
create CMS message bodies. 


This document explicitly does not attempt to cover many PKIX [PKIX] 
examples. Documents with examples of that format may be forthcoming. 
Also, note that [DVCS], which covers PKIX Data Validation and 
Certification Server Protocols, has examples of formats for its 
protocol. 


The examples shown here were created and validated by many different 
people over a long period of time. Because of this, some of the 
dates used in the examples are many years in the past. This, plus 
the fact that some of the certificates in the examples have very long 
lifespans, may cause problems in some test situations. 

Constants Used in the Examples 

This section defines the data used in the rest of the document. The 
names of the constants indicate their use. For example, 
AlicePrivDSSSign is the private part of Alice’s DSS signing key. 

- Alice is the creator of the message bodies in this document. 

- Bob is the recipient of the messages. 

- Carl is a CA. 


- Diane sometimes gets involved with these folks. 


- Erica also sometimes gets involved. 
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2.1. Content of Documents 
ExContent is the following sentence: 
This is some sample content. 


That is, it is the string of characters starting with "T" up to and 
including the ".". 


The hex for ExContent is 
5468 6973 2069 7320 736f 6d65 2073 616d 706c 6520 636f 6e74 656e 742e 
The MD5 hash of ExContent is 
9898 cac8 fab7 691f f89d c207 24e7 4a04 
The SHA-1 hash of ExContent is 
406a ec08 5279 bate 1602 2d9e 0629 c022 9687 dd48 
2.2. Private Keys 


The following private keys are needed to create the samples. To find 
the public keys, see the certificates in the next section. 


AlicePrivDSSSign - 
0 30 331: SEQUENCE { 
4 02 ls INTEGER O0 
7.30. 299% SEQUENCE ( 
11 06 whe OBJECT IDENTIFIER dsa (1 2 840 10040 4 1) 
: (ANSI X9.57 algorithm) 
20 30 286: SEQUENCE ( 


24-02. 129: INTEGER 
: 00 81 8D CD ED 83 EA 0A 9E 39 3E C2 
48 28 A3 E4 47 93 DD OE D7 A8 OE EC 
53 C5 AB 84 08 4F FF 94 El 73 48 7E 
OC D6 F3 44 48 D1 FE 9F AF A4 Al 89 
2F El D9 30 C8 36 DE 3F 9B BF B7 4C 
DC 5F 69 8A E4 75 DO 37 OC 91 08 95 
9B DE A7 5E F9 FC F4 9F 2F DD 43 A8 
8B 54 F1 3F BO 07 08 47 4D 5D 88 C3 
C3 B5 B3 E3 55 08 75 D5 39 76 10 C4 
78 BD FF 9D BO 84 97 37 F2 E4 51 1B 
: B5 E4 09 96 5C F3 7E 5B DB 
156 02 2s INTEGER 
: 00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F 
B8 37 21 2B 62 8B F7 93 CD 
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179 02 128: INTEGER 
: 26 38 DO 14 89 32 AA 39 FB 3E 6D 
4B 59 6A 4C 76 23 39 04 02 35 5C 
CB 1A 30 C3 1E 50 5D DD 9B 59 E2 
AA 05 3D 58 CO 7B A2 36 B8 6E 07 
7D 8A 42 25 A7 F4 75 CF 4A 08 5E 
3E 90 F8 6D EA 9C C9 21 8A 3B 76 
E9 CE 2E 5D A3 07 CD 23 85 B8 2F 
01 7C 6D 49 89 11 89 36 44 BD F8 
95 4A 53 56 B5 E2 F9 73 EC 1A 61 
1F 11 7F C2 BD ED D1 50 FF 98 74 
D1 81 4A 60 39 BA 36 39 
) 
: ) 
310 04 23: OCTET STRING, encapsulates ( 
312 02 21: INTEGER 
: 00 BB 44 46 D1 A5 C9 46 07 2E DO 
7A D6 92 07 FO 9A 85 89 3F 
) 
} 
AlicePrivRSASign = 
0 30 630: SEQUENCE { 
4 02 1: INTEGER 0 
7 30 13 SEQUENCE ( 
9 06 o OBJECT IDENTIFIER 
: rsaEncryption (1 2 840 113549 1 1 
: (PKCS +1) 
20 05 0: NULL 
: ) 
22 04 608: OCTET STRING, encapsulates ( 
26 30 604: SEQUENCE { 
30 02 ls INTEGER 0 
33 02 129* INTEGER 
00 EO 89 73 39 8D D8 F5 F5 E8 
39 7F 4E BO 05 BB 53 83 DE OF 
DC 7D C7 75 29 OD 05 2E 6D 12 
86 26 DA D2 6F AA 58 29 FC 97 
82 51 OF 30 80 BE B1 50 9E 46 
2C BB D8 32 CF C6 68 6F 07 D9 
AC BE EE 34 09 6A 13 F5 F7 05 
DF 5E BA 35 56 D9 61 FF 19 7F 
E6 F8 6C EA 87 40 70 EF AC 6D 
9F 2D FA 55 3A B9 99 77 02 A6 
: 8C 4E F3 57 38 57 74 57 5F 
165 02 3: INTEGER 65537 
170 02 128: INTEGER 
$ 00 A4 03 C3 27 47 76 34 34 6C 
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65: 


65: 


65: 


64: 


64: 
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67 
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INTEGER 
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INTEGER 
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645: SEQUENCE ( 
Is INTEGER 0 
13; SEQUENCE 


( 


9i OBJECT IDENTIFIER 
: rsaEncryption 


(PKCS +1) 


0: NULL 
: ) 


608: OCTET STRING, 


604: SEQUENCE ( 


encapsulates { 


ds INTEGER 0 


129: INTEGER 


00 


4 


1 
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8F EC 6A 30 
B5 47 21 DC 
: 08 84 60 7D 
435 02 64: INTEGER 
: 34 BA 64 C9 
6A 48 EF 1B 
C3 60 3B 9B 
62 52 38 84 
20 14 99 5A 
E DO 80 B7 85 
501 02 65: INTEGER 
: 00 9E 2F B3 
09 06 A4 5D 
40 72 9C 3A 
88 16 68 A8 
69 AF 03 0A 
: 7D 34 30 25 
568 02 64: INTEGER 
: 57 18 67 D6 
54 DA 9C 05 
3D 69 CB 31 
1C 2A 7C 26 
15 F5 EE 0B 
63 46 41 F6 
} 
: } 
634 AO 18: [0] { 
636 30 Tile SEQUENCE { 
638 06 3% 
: (X.509 id-ce 
643 31 4: SET ( 
645 03 Ze 
E '00001000'B 
Error: 
} 
} 
} 
} 
CarlPrivDSSSign = 
0 30 330: SEQUENCE { 
4 02 iss INTEGER 0 
7 30 299: SEQUENCE { 
11 06 Pe OBJECT IDENTIFIER dsa 
: (ANSI X9.57 algorithm) 
20 30 286 SEQUENCE ( 
24 02 129 INTEGER 
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OE 1F 7A 2A B2 6E 37 04 AB 39 45 73 
BA 46 A8 OF 8D 82 5F 22 14 05 CF A2 

: A3 F3 7C 83 

568 02 64: INTEGER 

: 26 1E 1D 1C Al 98 2B E4 DB 38 E8 57 
6E 6B 73 19 88 61 3A FA 74 4A 36 8B 
47 68 5D 50 EB 26 E3 EA 7D 9B 4E 65 
A9 AF 7B AB 4B 2E 76 51 3D A8 DO 11 
AB A3 D6 A8 CO 27 36 1D 54 OB AA A7 
D1 6D 8D FA 


DianePrivDSSSign - 
0 30 331: SEQUENCE ( 
4 02 T; INTEGER 0 
TADO: 299% SEQUENCE ( 
11 06 Ti OBJECT IDENTIFIER dsa (1 2 840 10040 4 1) 
: (ANSI X9.57 algorithm) 
20 30 286: SEQUENCE ( 


24 02 129: INTEGER 
: 00 B6 49 18 3E 8A 44 C1 29 71 94 4C 
01 C4 12 Cl 7A 79 CB 54 4D AB 1E 81 
FB C6 4C B3 OE 94 09 06 EB 01 D4 B1 
C8 71 4B C7 45 CO 50 25 5D 9C FC DA 
E4 6D D3 E2 86 48 84 82 7D BA 15 95 
4A 16 F6 46 ED DD F6 98 D2 BB 7E 8A 
0A 8A BA 16 7B B9 50 01 48 93 8B EB 
25 15 51 97 55 DC 8F 53 OE 10 A9 50 
FC 70 B7 CD 30 54 FD DA DE A8 AA 22 
B5 Al AF 8B CC 02 88 E7 8B 70 5F B9 
E AD El 08 D4 6D 29 2D D6 E9 
156 02 2i; INTEGER 
: 00 DD C1 2F DF 53 CE OB 34 60 77 3E 
E 02 A4 BF 8A 5D 98 B9 10 D5 
LTO: 027 28: INTEGER 
: OC EE 57 9B 


B BD DA B6 07 6A 74 37 
4F 55 7F 9D ED BC 61 OD EB 46 59 3C 
C 


4 
E 
56 0B 2B 5B 0 
B 
E 


91 CE A5 62 52 69 CA 
El 6D 3E BD BF FE El B7 B9 2B 61 3C 
AD CB AE 45 E3 06 AC 8C 22 9D 9C 44 
87 0B C7 CD FO 1C D9 B5 4E 5D 73 DE 
AF 0E C9 1D 5A 51 F5 4F 44 79 35 5A 
73 AA 7F 46 51 1F A9 42 16 9C 48 EB 
8A 79 61 B4 D5 2F 53 22 44 63 1F 86 
B8 A3 58 06 25 F8 29 CO EF BA EO 75 
FO 42 C4 63 65 52 9B OA 
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310 
312 


04 
02 


} 
} 


23: OCTET STRING, 
21; INTEGER 


00 96 95 F9 EO C1 EO 41 2D 32 OF 8B 
42 52 93 2A E6 1E OE 21 29 


} 


DianePrivRSASignEncrypt = 


0 
4 
7 
9 


20 
22 
26 


30 
33 


165 


170 02 128: 


301 


Hoffman, 


30 
02 
30 
06 


02 


02 


Ed. 


631: SEQUENCE { 
Ts INTEGER 0 
l3: SEQUENCE ( 


encapsulates { 


9s OBJECT IDENTIFIER 
: rsaEncryption 


(PKCS +1) 


0: NULL 
) 


609: OCTET STRING, 


605: SEQUENCE { 


encapsulates ( 


ds INTEGER 0 


12 9! INTEGER 


00 
EA 
B1 
F6 
A9 
F6 
07 
C3 
93 
C3 
8B 


31 INTEGER 
INTEGER 


3D 
23 
7D 
96 
65 
AC 
D2 
FF 
24 
39 
D7 


65: INTEGER 


00 


D6 
7C 
92 
7C 
76 
D4 
DB 
60 
47 
5E 
44 


BD 
04 
93 
CF 
DO 
21 
A3 
15 
E 
8D 
05 


F3 


Informational 


FD 
BB 
5A 
FB 
9D 
B7 
AO 
49 
EE 
47 
1D 


B8 
A2 
T3 
44 
CF 
28 
C1 
AC 
FO 
E5 
95 


65537 


CD 
2B 
3C 
FE 
3A 
11 
84 
20 
D4 
62 
91 


B8 


C2 
C5 
OF 
58 
77 
71 
25 
24 
4A 
BD 
53 


3F 


70 
FA 
20 
8B 
AO 
BB 
1E 
D7 
35 
B7 
CD 


61 
35 
25 
8F 
24 
E3 
B5 
F1 
9E 
FC 
96 


D1 


C6 


FO 1 


El 
27 
2C 
F8 
B7 
F8 
H2 
83 
28 


14 
A5 


96 | 


EB 
9E 
B2 
BC 
80 
B9 
oc 
B6 


94 1 


Examples of S/MIME Messages 


25 
32 
24 
F1 
96 
4A 
67 
EF 
02 
DB 
85 


4B 
45 
62 
8c 
EB 
A9 
1E 
D5 
D8 
92 


91 


(1 2 840 113549 1 1 


EC 
3A 
82 
TE 
F2 
4C 
E 
08 
C4 
74 


E7 
23 
52 
BD 
86 
2E 
DD 
41 
19 
93 


60 


EA 
53 
0A 
26 
83 
19 
DE 
37 
F3 
69 


BF 
FC 
42 
D4 
80 
AC 
F6 
OE 
8E 
EA 


13 


CF 
FF 
DO 
03 
42 
3F 
Bl 
21 
11 
64 


60 
69 
E2 
OD 
C3 
£7 
21 
32 
3F 
C3 


41 
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368 02 


435 02 


502 02 


569 02 


65: 


65: 


65: 


64: 


92 
D4 
5F 
52 
36 


0D 
0B 
AF 
B3 
ED. 


INTEGER 


00 
AA 
86 
68 
2C 
AO 


El 
02 
C9 
38 
54 
7E 


INTEGER 


00 
67 
29 
2B 
08 
5F 


AF 
A9 
8B 
D4 
2D 
AC 


INTEGER 


00 
A2 
DD 
9A 
DD 
89 


B9 
7C 
94 
19 
AB 
8A 


INTEGER 


01 
DF 
BO 
B3 
65 
AC 


2.3. Certificates 


AliceDSSSignByCarlNoInherit 
732: 
667: 
31 
ds 


0 30 
4 30 
8 AO 
10 02 


13 02 


17 30 
19 06 


Hoffman, Ed. 


2s 
9 


SEQUENCE ( 
SEQUENCE ( 
[01 4 


07 
A8 
73 
AC 
Al 
6C 


INTEGER 2 


} 


INTEGER 200 


SEQUENCE 


{ 


8D 
70 
19 
22 
68 


D2 
B4 
10 
00 
80 
D2 


B6 
Al 
FE 
09 
E3 


44 
C9 
85 
D8 
73 


E7 
5A 
8D 
4B 
0A 
BB 


BC 
99 
0A 
AO 
07 


3F 
1A 
50 
A8 
B5 


11 
ED 
56 
2E 
TƏ 
91 


DB 
FC 
DF 
56 
B5 


1D 
E9 
90 
8E 


06 
9D 
31 
26 
D1 


73 
D2 
C8 
EN 
E7 


12 


98 
52 
C6 
DC 
1D 
71 


TN 
DE 
74 
69 
16 
BF 


5C 


41 
8A 
1B 
73 
08 
DB 


97 
E 
C8 
Cc 
39 
E5 


A9 


FC 
20 
c3 


ED 


7B 
61 


SF 
E2 
C4 
B3 
39 


50 
EA 
CO 
1D 
AC 


60 
34 
3F 
3F 
E3 


Examples of S/MIME Messages 


FF 
90 
91 
54 


AE 
82 
75 
32 
66 


43 
8E 
5E 
Bl 
B3 


1F 
2C 
82 
27 
7F 


A8 
7D 
58 
7C 
74 


OBJECT IDENTIFIER dsaWithShal 


Informational 


23 
F2 
BD 
00 


95 
4F 
69 


Bl 1] 


1B 


EC 
1D 
25 
FC 
C4 


60 
D9 
E4 
F8 
82 


5A 
EB 
30 
C7 
CF 


08 
DS 
76 
4F 


16 
3C 
75 
EO 
OE 


B5 
ES 
5D 
BE 
A5 


01 
19 
2B 
03 
F1 


07 
BD 
90 
1B 
C5 
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28 
30 
32 
34 


39 


48 
50 
65 


80 
82 
84 
86 


91 


101 
105 
109 


118 
122 


254 


217 


Hoffman, 


30 
31 
30 
06 


13 


30 
17 
17 


30 
31 
30 
06 


13 


30 
30 
06 


30 
02 


02 


02 


Ed. 


16: 
14: 


21: 


128: 


(ANSI X9.57 algorithm) 


} 
SEQUENCE { 
SET { 


SEQUENCE { 


Examples of S/MIME Messages 


OBJECT IDENTIFIER commonName 


(X.520 id-at 


(2 5 4)) 


PrintableString 'CarlDSS' 


} 
} 
} 
SEQUENCE { 
UTCTime 
UTCTime 
} 
SEQUENCE { 
SET { 


SEQUENCE { 


' 9908170110492" 
"3912312359592" 


OBJECT IDENTIFIER commonName 


(X.520 id-at 
PrintableString ’AliceDSS’ 


} 
} 
} 
SEQUENCE { 
SEQUENCE 


{ 


(2 5 4)) 


OBJECT IDENTIFIER dsa 


(1 2 840 


(ANSI X9.57 algorithm) 


SEQUENCE ( 


INTEGER 


00 
48 
53 
el 
2F 
DC 
9B 
8B 
c3 
78 
B5 


81 
28 
C5 
D6 
El 
5F 
DE 
54 
B5 
BD 
E4 


INTEGER 


00 
B8 


E2 
37 


INTEGER 


26 
4B 
CB 


38 
59 
1A 


8D 
A3 
AB 
F3 
D9 
69 
A7 
F1 
B3 
FF 
09 


47 
21 


DO 
6A 
30 


CD 
E4 
84 
44 
30 
8A 
5E 
3F 
E3 
9D 
96 


A6 
2B 


14 
4C 
C3 


Informational 


83 
93 
4F 
D1 
36 
75 
FC 
07 
08 
84 
F3 


45 
8B 


32 
23 
50 


0A 
OE 
94 
9F 
3F 
37 
9F 
47 
D5 
37 
5B 


B8 
93 


39 
04 
DD 


July 2005 


(2543) 


(2543) 


10040 4 1) 


39 
A8 
ES 
A4 
BF 
91 
DD 
5D 
76 
E4 


C6 


3E 
35 
59 


3E 
OE 
48 
Al 
B7 
08 
43 
88 
10 
S 


DA 


6D 
5C 
E2 


C2 
EC 
7E 
89 
4C 
95 
A8 
c3 
C4 
1B 


8F 


D9 
F2 
CD 
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408 
412 


543 
546 
548 
550 


923 
558 
560 


562 
564 
569 


572 
574 


578 
580 


Hoffman, 


03 
02 


A3 
30 
30 
06 


01 
04 
30 


30 
06 
01 


04 
03 


30 
06 


Ed. 


} 
} 


05 
8A 
90 
CE 
7C 
4A 
11 
81 


3D 
42 
F8 
2E 
6D 
53 
7F 
4A 


Examples of S/MIME 


58 
25 
6D 
5D 
49 
56 
C2 
60 


Messages 


CO 
A7 
EA 
A3 
89 
B5 
BD 
39 


7B 
F4 
9C 
07 
11 
E2 
ED 
BA 


A2 
75 
C9 
CD 
89 
F9 
D1 
36 


132: BIT STRING 0 unused bits, 


128: INTEGER 


36 
3E 
16 
12 
1B 
A5 
7E 
08 
F1 
32 
F2 


129 [31 4 
T2: SEQUENCE 


12 SEQUENCE { 


E3 
A9 
89 
3D 
3E 
AO 
1A 
BF 
BB 
84 
A5 


{ 


B9 
EC 
28 
43 
24 
4A 
F2 
66 
34 
FO 
E2 


5A 
AC 
11 
5B 
7D 
E3 
24 
14 
D4 
TE 
F4 


75 
5E 
23 
6F 
3D 
85 
AB 
80 
D2 
41 
F2 


14 
DC 
D9 
E5 
07 
D6 
53 
5C 
96 
40 
83 


33 OBJECT IDENTIFIER 
: basicConstraints 
(2 5 29)) 


NR 


} 
} 


14: SEQUENCE { 


(X.509 id-ce 
BOOLEAN TRUE 
OCTET STRING, 


96 
BD 
34 
51 
8D 
CE 
1A 
62 
37 
FD 
E5 


36 
CF 
21 
23 
36 
T3 
50 
39 


0B 
B7 
86 
BF 
5B 
06 
B8 
AC 
F6 
46 
B8 


B8 
4A 
8A 
85 
44 
EC 
FF 


A9 
13 
67 
FA 
63 
80 
27 
65 
61 
A7 


encapsulates { 
Oz SEQUENCE {} 


3: OBJECT IDENTIFIER keyUsage 
: (X.509 id-ce 
ies BOOLEAN TRUE 


4: OCTET STRING, 
2s BIT STRING 6 unused bits 
. “11 B 


} 
} 


3T: SEQUENCE ( 


(25 29)) 


6E 
08 
3B 
B8 
BD 
1A 
98 


7A 
11 
75 
89 
C8 
3F 
OD 
FA 
47 
63 


(2 5 29 19) 


07 
5E 
76 
2F 
F8 
61 
74 


encapsulates 


DD 
34 
75 
F2 
BB 
E8 
1E 
15 
B2 
AE 


July 2005 


(25 29 15) 


encapsulates { 


9e OBJECT IDENTIFIER 
: authorityKeyIdentifier 


Informational 


(25 29 35) 
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E (X.509 id-ce (2 5 29)) 
585 04 24: OCTET STRING, encapsulates ( 


587 30 22 SEQUENCE ( 


589 80 20: [0] 
: 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 
3D 20 BC 43 2B 93 Fl 1F 


) 
: } 
611 30 293 SEQUENCE ( 
613 06 33 OBJECT IDENTIFIER 
B subjectKeyIdentifier (2 5 29 14) 


i (X.509 id-ce (2 5 29)) 
618 04 22: OCTET STRING, encapsulates ( 
620 04 20: OCTET STRING 

: BE 6C Al B3 E3 Cl F7 ED 43 70 A4 CE 

13 01 E2 FD E3 97 FE CD 
) 

: ) 

642 30 313 SEQUENCE { 


644 06 3: OBJECT IDENTIFIER subjectAltName (2 5 29 17) 

H (X.509 id-ce (2 5 29)) 
649 04 24: OCTET STRING, encapsulates ( 
651 30 22: SEQUENCE ( 
653 81 20: [1] ’AliceDSS@example.com’ 

: } 

} 
} 
} 
} 

: ) 

675 30 9: SEQUENCE ( 


677 06 7: OBJECT IDENTIFIER dsaWithShal (1 2 840 10040 4 3) 
: (ANSI X9.57 algorithm) 
: } 

686 03 48: BIT STRING 0 unused bits, encapsulates ( 


689 30 45: SEQUENCE { 


691 02 20: INTEGER 
: 55 0C A4 19 1F 42 2B 89 71 22 33 8D 
: 83 6A B5 3D 67 6B BF 45 
713 02 2i: INTEGER 
: 00 9F 61 53 52 54 0B 5C B2 DD DA E7 
76 1D E2 10 52 5B 43 5E BD 


} 


AliceRSASignByCarl = 
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0 30 556: SEQUENCE { 
4 30 405: SEQUENCE { 
8 AO 33 [0] ( 
10 02 Ts INTEGER 2 
: } 
13 02 16: INTEGER 
: 46 34 6B C7 80 00 56 BC 11 D3 6E 2E 
: C4 10 B3 BO 
31.30 Tz SEQUENCE { 
33 06 9: OBJECT IDENTIFIER 
: shalwithRSAEncryption (1 2 840 113549 1 1 5) 
: (PKCS +1) 
44 05 0: NULL 
: } 
46 30 18: SEQUENCE { 
48 31 16: SET { 
50 30 14: SEQUENCE { 
52 06 3% OBJECT IDENTIFIER commonName (2 5 4 3) 
: (X.520 id-at (2 5 4)) 
SP 3 Ts PrintableString 'CarlRSA' 
: ) 
) 
: } 
66 30 30: SEQUENCE { 
68 17 13% UTCTime '9909190108472' 
83 17 13: UTCTime '391231235959Z' 
: } 
98 30 1:9* SEQUENCE { 
100 31 E7; SET { 
102 30 Tss SEQUENCE { 
104 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 
; (X.520 id-at (2 5 4)) 
109 13 os PrintableString ’AliceRSA’ 
: ) 
) 
: } 
PEO 30: 3159: SEQUENCE ( 
122 30 13 SEQUENCE ( 
124 06 9: OBJECT IDENTIFIER 
E rsaEncryption (1 2 840 113549 1 1 1) 
: (PKCS +1) 
135..05 0: NULL 
: } 
137 03 141: BIT STRING 0 unused bits, encapsulates { 
141 30 137: SEQUENCE { 


144 02 129: INTEGER 
: 00 EO 89 73 39 8D D8 F5 F5 E8 87 76 
39 7F 4E BO 05 BB 53 83 DE OF B7 AB 
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276 


281 
284 
286 
288 


293 
296 
298 


300 
302 


307 
310 
312 


316 
318 


323 
325 
327 


349 
351 


Hoffman, 


02 


A3 
30 
30 
06 


01 
04 
30 


30 
06 


01 
04 
03 


30 
06 


04 
30 
80 


30 
06 


Ed. 


127: 


22: 
20: 


Examples of S/MIME Messages July 2005 
DC 7D C7 75 29 OD 05 2E 6D 12 DF A6 
86 26 D4 D2 6F AA 58 29 FC 97 EC FA 
82 51 0F 30 80 BE B1 50 9E 46 44 F1 
2C BB D8 32 CF C6 68 6F 07 D9 BO 60 
AC BE EE 34 09 6A 13 F5 F7 05 05 93 
DF 5E BA 35 56 D9 61 FF 19 7F C9 81 
E6 F8 6C EA 87 40 70 EF AC 6D 2C 74 
9F 2D FA 55 3A B9 99 77 02 A6 48 52 
8C 4E F3 57 38 57 74 57 SF 
INTEGER 65537 
) 
) 
) 
[3]. 4 
SEQUENCE ( 
SEQUENCE { 
OBJECT IDENTIFIER 
basicConstraints (2 5 29 19) 
(X.509 id-ce (2 5 29)) 
BOOLEAN TRUE 
OCTET STRING, encapsulates ( 
SEQUENCE () 
} 
} 
SEQUENCE { 
OBJECT IDENTIFIER keyUsage (2 5 29 15) 
(X.509 id-ce (2 5 29)) 
BOOLEAN TRUE 
OCTET STRING, encapsulates { 
BIT STRING 6 unused bits 
SILAB 
} 
} 
SEQUENCE { 
OBJECT IDENTIFIER 
authorityKeyIdentifier (2 5 29 35) 


(X.509 id-ce 


OCTET STRING, 


SEQUENCE { 


) 
} 
SEQUENCE 


[0] 


(2 5 29)) 
encapsulates { 


E9 EO 90 27 AC 78 20 7A 9A D3 4C F2 


42 37 4E 22 AE 9E 38 BB 


{ 


OBJECT IDENTIFIER 


subjectKeyIdentifier 


Informational 
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E (X.509 id-ce (2 5 29)) 
356 04 22: OCTET STRING, encapsulates ( 
358 04 20: OCTET STRING 
: 77 D2 B4 D1 B7 4C 8A 8A A3 CE 45 9D 
CE EC 3C A0 3A E3 FF 50 


) 
: ) 
380 30 31: SEQUENCE ( 


382 06 3: OBJECT IDENTIFIER subjectAltName (2 5 29 17) 
: (X.509 id-ce (2 5 29)) 
387 04 24: OCTET STRING, encapsulates ( 
389 30 22: SEQUENCE ( 
391 81 20: [1] ’AliceRSA@example.com’ 
: } 
} 
} 
} 
} 
E ) 
413 30 T3: SEQUENCE ( 
415 06 9: OBJECT IDENTIFIER 
i shalwithRSAEncryption (1 2 840 113549 1 1 5) 
2 (PKCS +1) 
426 05 0: NULL 
: } 
428 03 129: BIT STRING 0 unused bits 


3E 70 47 A8 48 CC 13 58 8F CA 51 71 
6B 4E 36 18 5D 04 7E 80 B1 8D 4D CC 
CA A3 8F CC 7D 56 C8 BC CF 6E B3 1C 
59 A9 20 AA 05 81 A8 4E 25 AD A7 70 
14 75 2F F5 C7 9B D1 OE E9 63 D2 64 
B7 C6 66 6E 73 21 54 DF F4 BA 25 5D 
7D 49 D3 94 6B 22 36 74 73 B8 4A EC 
2F 64 ED D3 3D D2 A7 42 C5 E8 37 8A 
B4 DB 9F 67 E4 BD 9F F9 FE 74 EF EA 
F9 EE 63 6A D8 3F 4B 25 09 B5 D8 1A 
76 AE EB 9B DB 49 BO 22 


BobRSASignByCarl - 
0 30 551: SEQUENCE ( 
4 30 400: SEQUENCE { 
8 AO 31 [0] ( 
10 02 T.: INTEGER 2 
: } 
13 02 16: INTEGER 


46 34 6B C7 80 00 56 BC 11 D3 6E 2E 
CD 5D 71 DO 
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34-30 Tə: SEQUENCE { 
33 06 9: OBJECT IDENTIFIER 
E shalwithRSAEncryption (1 2 840 113549 1 1 5) 
: (PKCS +1) 
44 05 0: NULL 
: } 
46 30 18: SEQUENCE { 
48 31 16: SET { 
50 30 14: SEQUENCE { 
52 06 Bit OBJECT IDENTIFIER commonName (2 5 4 3) 
$ (X.520 id-at (2 5 4)) 
SES Ts PrintableString 'CarlRSA' 
: ) 
) 
: } 
66 30 30: SEQUENCE { 
68 17 133 UTCTime '’9909190109022’ 
83 17 133 UTCTime '391231235959Z' 
: } 
98 30 qe SEQUENCE { 
1:00; 31 1:55 SET { 
102 30 13% SEQUENCE { 
104 06 3% OBJECT IDENTIFIER commonName (2 5 4 3) 
: (X.520 id-at (2 5 4)) 
109 13 6: PrintableString ’BobRSA’ 
: } 
} 
: } 
117 30 159: SEQUENCE { 
120 30 1:3: SEQUENCE ( 
122 06 9: OBJECT IDENTIFIER 
4 rsaEncryption (1 2 840 113549 1 1 1) 
: (PKCS +1) 
133 05 Ol NULL 
: } 
135.03 ds BIT STRING 0 unused bits, encapsulates { 
139 30 137: SEQUENCE { 


142 02 129: INTEGER 
: 00 A9 El 67 98 3F 39 D5 5F F2 AO 93 
41 5E A6 79 89 85 C8 35 5D 9A 91 5B 
FB 1D 01 DA 19 70 26 17 OF BD A5 22 
DO 35 85 6D 7A 98 66 14 41 5C CF B7 
B7 08 3B 09 C9 91 B8 19 69 37 6D F9 
65 1E 7B D9 A9 33 24 A3 7F 3B BB AF 
46 01 86 36 34 32 CB 07 03 59 52 FC 
85 8B 31 04 B8 CC 18 08 14 48 E6 4F 
1C FB 5D 60 C4 EO 5C 1F 53 D3 7F 53 
D8 69 01 F1 05 F8 7A 70 D1 BE 83 C6 
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274 


279 
281 
283 
285 


290 
293 
295 


297 
299 
304 


307 
309 


313 
315 


320 
322 
324 


346 
348 


353 
355 


3d 


Hoffman, 


02 


A3 
30 
30 
06 


01 
04 
30 


30 
06 
01 


04 
03 


30 
06 


04 
30 
80 


30 
06 


04 
04 


30 


Ed. 


125: 


22: 
20: 


22: 
20: 


293 


Examples of S/MIME Messages 


5F 38 CF 1C 2C AA 6A A7 EB 
INTEGER 65537 
) 


) 
ES ^d 
SEQUENCE ( 
SEQUENCE ( 

OBJECT IDENTIFIER 
basicConstraints (2 5 29 19) 
(X.509 id-ce (2 5 29)) 

BOOLEAN TRUE 

OCTET STRING, encapsulates ( 

SEQUENCE () 
} 


} 
SEQUENCE { 


July 2005 


OBJECT IDENTIFIER keyUsage (2 5 29 15) 


(X.509 id-ce (2 5 29)) 

BOOLEAN TRUE 

OCTET STRING, encapsulates { 

BIT STRING 5 unused bits 
^100'B (bit 2) 
) 
) 
SEQUENCE ( 

OBJECT IDENTIFIER 
authorityKeyIdentifier (2 5 29 35) 
(X.509 id-ce (2 5 29)) 

OCTET STRING, encapsulates ( 

SEQUENCE ( 
[0] 


E9 EO 90 27 AC 78 20 7A 9A D3 4C F2 


42 37 4E 22 AE 9E 38 BB 


} 
} 
SEQUENCE { 

OBJECT IDENTIFIER 
subjectKeyIdentifier (2 5 29 14) 
(X.509 id-ce (2 5 29)) 

OCTET STRING, encapsulates ( 

OCTET STRING 
E8 F4 B8 67 D8 B3 96 AZ 2A F3 
29 D3 95 5A 86 16 B4 24 


) 
} 
SEQUENCE { 


Informational 


11 AA 
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379 06 33 OBJECT IDENTIFIER subjectAltName (2 5 29 17) 
: (X.509 id-ce (2 5 29)) 
384 04 22: OCTET STRING, encapsulates ( 
386 30 20: SEQUENCE ( 
388 81 18: [1] ’BobRSA@example.com’ 
: ) 
) 
} 
} 
} 
: } 
408 30 r3: SEQUENCE { 
410 06 9: OBJECT IDENTIFIER 
7 shalwithRSAEncryption (1 2 840 113549 1 1 5) 
: (PKCS #1) 
421 05 0: NULL 
: } 
423 03 129: BIT STRING 0 unused bits 
: 7B 8E 66 C5 F1 10 3F 10 20 4C 88 71 
AB 7B 40 6B 21 33 FA 4A 95 DE 9D OE 
5B 6B 94 21 05 CO F2 El 7E 2A CD 9C 
93 88 87 FB 8B B7 7E 7D 41 61 El E4 
D6 6D F9 E2 04 55 61 45 BC 64 27 44 
CO Al BD 59 79 D9 1D 64 3C 21 D6 45 
BO 5D 68 33 92 EA AC F1 57 E5 81 7D 
98 E6 35 91 A3 39 DE 77 F4 E8 1C 3B 
29 DC 7F 51 07 97 F3 36 FO 50 OA DD 
9B DE B6 5E 38 11 2B FB 57 EA 89 6D 
AD C9 88 D8 8F CF 2B D3 
) 
CarlDSSSelf = 
0 30 667: SEQUENCE { 
4 30 602: SEQUENCE { 
8 AO 3 [01 { 
10 02 Ls INTEGER 2 
: ) 
13 02 ls INTEGER 1 
16 30 9: SEQUENCE ( 
18 06 “Le OBJECT IDENTIFIER dsaWithShal (1 2 840 10040 4 3) 
: (ANSI X9.57 algorithm) 
: } 
27 30 18: SEQUENCE { 
29 31 16: SET { 
31 30 14: SEQUENCE ( 
33 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 
: (X.520 id-at (2 5 4)) 
38 13 des PrintableString 'CarlDSS' 
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47 
49 
64 


79 
81 
83 
85 


90 


99 
103 
107 


116 
120 


252 


275 
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30 
17 
17 


30 
31 
30 
06 


13 


30 
30 
06 


30 
02 


02 


02 


Ed. 


21$ 


128: 


) 

} 
SEQUENCE { 

UTCTime 

UTCTime 

} 
SEQUENCE { 

SET { 


SEQUENCE { 


' 9908162250502" 
"3912312359592" 


Examples of S/MIME Messages 


OBJECT IDENTIFIER commonName 


(X.520 id-at 


(2 5 4)) 


PrintableString 'CarlDSS' 


) 
) 
} 
SEQUENCE { 
SEQUENCE 


{ 


OBJECT IDENTIFIER dsa 


(1 2 840 


(ANSI X9.57 algorithm) 


SEQUENCE { 


INTEGER 


00 
01 
FB 
C8 
EA 
4A 
0A 
25 
FC 
B5 
AD 


B6 
C4 
C6 
71 
6D 
16 
8A 
l5 
70 
Al 
El 


INTEGER 


00 
02 


DD 
A4 


INTEGER 


oc 
4F 
56 
E1 
AD 
87 
AF 
73 
8A 
B8 
FO 


EE 
55 
OB 
6D 
CB 
OB 
OE 
AA 
79 
A3 
42 


49 
12 
4C 
4B 
D3 
F6 
BA 
51 
B7 
AF 
08 


C1 
BF 


18 
C1 
B3 
Gy 
E2 
46 
16 
97 
CD 
8B 
D4 


2F 
8A 


9B 
9D 
5B 
BD 
45 
CD 
1D 
46 
B4 
06 
63 


3E 
7A 
OE 
45 
86 
ED 
7B 
59 
30 
CC 
6D 


Informational 


8A 
79 
94 
co 
48 
DD 
B9 
DC 
54 
02 
29 


53 
98 


BD 
BC 
91 
FE 
06 
tC 
51 
1F 
2F 
F8 
52 


cl 
54 
06 
25 
82 
98 
01 
53 
DA 
E7 
D6 


0B 
10 


B6 
0D 
A5 
B7 
8C 
B5 
AF 
42 
22 
CO 
0A 


29 
4D 
EB 
5D 
7D 
D2 
48 
OE 
DE 
8B 
E9 


34 
D5 


07 
EB 
62 
B9 
22 
4E 
44 
16 
44 
EF 


July 2005 


(2 54 3) 


10040 4 1) 


71 
AB 
01 
9C 
BA 
BB 
93 
10 
A8 
70 


60 


6A 
46 
52 
2B 
9D 
5D 
79 
9C 
63 
BA 


77 


74 
59 
69 
61 
9C 
73 
35 
48 
1F 
EO 


4C 
81 
Bl 
DA 
95 
8A 
EB 
2.0 
22 
B9 


3E 


37 
3C 
CA 
3C 
44 
DE 
5A 
EB 
86 
75 
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} 
: } 
406 03 133: BIT STRING 0 unused bits, encapsulates { 
410 02 129: INTEGER 
: 00 99 87 74 27 03 66 AO B1 CO AD DC 
2C 75 BB El 6C 44 9C DA 21 6D 4D 47 
6D B1 62 09 E9 D8 AE 1E F2 3A B4 94 
Bl A3 8E 7A 9B 71 4E 00 94 C9 B4 25 
AE B9 60 96 19 24 01 F3 62 OC FE 75 
CO FB CE D8 68 00 E3 FD D5 70 4F DF 
23 96 19 06 94 F4 B1 61 8F 3A 57 B1 
08 11 A4 OB 26 25 FO 52 76 81 EA OB 
62 0D 95 2A E6 86 BA 72 B2 A7 50 83 
OB AA 27 CD 1B A9 4D 89 9A D7 8D 18 
39 84 3F 8B C5 56 4D 80 7A 


; } 
542 A3 66: [3] { 


544 30 64: SEQUENCE ( 
546 30 15: SEQUENCE ( 
548 06 3: OBJECT IDENTIFIER 
: basicConstraints (2 5 29 19) 
E (X.509 id-ce (2 5 29)) 
553 01 1: BOOLEAN TRUE 
556 04 5:3 OCTET STRING, encapsulates ( 
558 30 3% SEQUENCE { 
560 01 1$ BOOLEAN TRUE 
: ) 
) 
: ) 
563 30 14: SEQUENCE ( 
565 06 3% OBJECT IDENTIFIER keyUsage (2 5 29 15) 
: (X.509 id-ce (2 5 29)) 
570 01 Es BOOLEAN TRUE 
573 04 4: OCTET STRING, encapsulates ( 
579x03 2 BIT STRING 1 unused bits 
: ^1100001'B 
) 
: } 
579 30 29: SEQUENCE { 
581 06 3: OBJECT IDENTIFIER 
: subjectKeyIdentifier (2 5 29 14) 
: (X.509 id-ce (2 5 29)) 
586 04 22: OCTET STRING, encapsulates ( 


588 04 20: OCTET STRING 
: 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 
3D 20 BC 43 2B 93 F1 1F 
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) 
: ) 
610 30 9: SEQUENCE ( 
612 06 7: OBJECT IDENTIFIER dsaWithShal (1 2 840 10040 4 3) 
(ANSI X9.57 algorithm) 
: } 
621 03 48: BIT STRING 0 unused bits, encapsulates { 


624 30 45: SEQUENCE { 


626 02 20: INTEGER 
: 6B A9 FO 4E 7A 5A 79 E3 F9 BE 3D 2B 
: C9 06 37 E9 11 17 Al 13 
648 02 21: INTEGER 
: 00 8F 34 69 2A 8B B1 3C 03 79 94 32 
4D 12 1F CE 89 FB 46 B2 3B 


CarlRSASelf - 
0 30 491: SEQUENCE { 
4 30 340: SEQUENCE { 
8 AO 3.8 [01 { 
10 02 Te INTEGER 2 
: } 
13 02 16: INTEGER 
46 34 6B C7 80 00 56 BC 11 D3 6E 2E 
H 9F F2 50 20 
31.30 133 SEQUENCE ( 
33 06 9: OBJECT IDENTIFIER 
; shalwithRSAEncryption (1 2 840 113549 1 1 5) 
E (PKCS +1) 
44 05 0: NULL 
: } 
46 30 18: SEQUENCE { 
48 31 L6: SET { 
50 30 14: SEQUENCE { 
52 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 
: (X.520 id-at (2 5 4)) 
57 x3 DE PrintableString 'CarlRSA' 
: } 
} 
: } 
66 30 3.0: SEQUENCE { 
68 17 I3: UTCTime “9908180700002” 


83 17 13% UTCTime '3912312359592' 
: ) 
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280 
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284 
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291 
294 
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301 
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30 
31 
30 
06 


13 


30 
30 
06 


05 


03 
30 
02 


02 


A3 
30 
30 
06 


01 
04 
30 
01 


30 
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16: 
14: 


159: 


rPWwWUrPR 


14: 


Examples of S/MIME Messages July 2005 


SEQUENCE { 
SET { 

SEQUENCE { 

OBJECT IDENTIFIER commonName (2 5 4 3) 
(X.520 id-at (2 5 4)) 

PrintableString 'CarlRSA' 
} 

} 


} 
SEQUENCE ( 
SEQUENCE { 
OBJECT IDENTIFIER 
rsaEncryption (1 2 840 113549 1 1 1) 
(PKCS #1) 
NULL 
} 
BIT STRING 0 unused bits, encapsulates { 
SEQUENCE { 
INTEGER 
00 E4 4B FF 18 B8 24 57 F4 77 FF 6E 
73. 7B 93) 7L 5C -BC 33 IA 92 92 72:23 
D8 41 46 DO CD 11 3A 04 B3 8E AF 82 
9D BD 51 1E 17 7A F2 76 2C 2B 86 39 
A7 BD D7 8D 1A 53 EC E4 00 D5 E8 EC 
A2 36 B1 ED E2 50 E2 32 09 8A 3F OF 
99 25 8F B8 4E AB B9 7D D5 96 65 DA 
16 A0 C5 BE OE AE 44 5B EF 5E F4 A7 
29 CB 82 DD AC 44 E9 AA 93 94 29 OE 
F8 18 D6 C8 57 5E F2 76 C4 F2 11 60 
38 B9 1B 3C 1D 97 C9 6A F1 
INTEGER 65537 
) 


) 
ES 1 
SEQUENCE { 
SEQUENCE ( 

OBJECT IDENTIFIER 
basicConstraints (2 5 29 19) 
(X.509 id-ce (2 5 29)) 

BOOLEAN TRUE 

OCTET STRING, encapsulates ( 

SEQUENCE ( 
BOOLEAN TRUE 
) 


) 
} 
SEQUENCE { 
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303 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15) 
: (X.509 id-ce (2 5 29)) 

308 01 Ls BOOLEAN TRUE 

311 04 4: OCTET STRING, encapsulates ( 


313 03 2: BIT STRING 1 unused bits 
: ^1100001'B 
} 
g ) 
317 30 29: SEQUENCE ( 
319 06 ge OBJECT IDENTIFIER 
: subjectKeyIdentifier (2 5 29 14) 
: (X.509 id-ce (2 5 29)) 
324 04 22: OCTET STRING, encapsulates ( 
326 04 20: OCTET STRING 
: E9 EO 90 27 AC 78 20 7A 9A D3 4C F2 
42 37 AE 22 AE 9E 38 BB 


) 
: ) 
348 30 13: SEQUENCE ( 


350 06 9: OBJECT IDENTIFIER 
: shalwithRSAEncryption (1 2 840 113549 1 1 5) 
: (PKCS +1) 

361 05 0: NULL 
: ) 

363 03 129: BIT STRING 0 unused bits 


B7 9E D4 04 D3 ED 29 E4 FF 89 89 15 
2E 4C DB OC F0 48 OF 32 61 EE CA 04 


EC 12 5D 2D FF OF 64 59 7E OA C3 ED 
18 FD E3 56 40 37 A7 07 B5 FO 38 12 
61 50 ED EF DD 3F E3 OB B8 61 A5 A4 
9B 3C E6 9E 9C 54 9A B6 95 D6 DA 6C 
3B B5 2D 45 35 9D 49 01 76 FA B9 B9 
31 F9 F9 6B 12 53 AO F5 14 60 9B 7D 
CA 3E F2 53 6B BO 37 6F AD E6 74 D7 
DB FA 5A EA 14 41 63 5D CD BE C8 OE 
C1 DA 6A 8D 53 34 18 02 
) 
DianeDSSSignByCarlInherit - 

0 30 440: SEQUENCE { 

4: 3.0; 35s SEQUENCE { 

8 AO 33 [01 { 

10 02 Ls INTEGER 2 

: } 
13 02 2: INTEGER 210 
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17 30 9: SEQUENCE { 
19 06 7: OBJECT IDENTIFIER dsaWithShal (1 2 840 10040 4 3) 
: (ANSI X9.57 algorithm) 


: } 
28 30 18: SEQUENCE { 


30 31 16: SET { 
32 30 14: SEQUENCE { 
34 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 
: (X.520 id-at (2 5 4)) 
39:18 "s PrintableString 'CarlDSS' 
: } 
} 
E } 
48 30 30: SEQUENCE { 
50 17 13: UTCTime '9908170208102" 
65 17 13: UTCTime /’ 3912312359592’ 
g } 
80 30 19: SEQUENCE { 
82 31 Lys SET { 
84 30 os SEQUENCE { 
86 06 SE OBJECT IDENTIFIER commonName (2 5 4 3) 
: (X.520 id-at (2 5 4)) 
91 13 8: PrintableString ’DianeDSS’ 
: } 
} 
: } 
101 30 147: SEQUENCE { 
104 30 9: SEQUENCE ( 


106 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1) 
: (ANSI X9.57 algorithm) 
: ) 
115 03 133: BIT STRING 0 unused bits, encapsulates ( 
119 02 129: INTEGER 
: 00 AO 00 17 78 2C EE 7E 81 53 2E 2E 
61 08 OF Al 9B 51 52 1A DA 59 A8 73 
2F 12 25 B6 08 CB CA EF 2A 44 76 8A 
52 09 EA BD 05 22 D5 OF F6 FD 46 D7 
AF 99 38 09 OE 13 CB 4F 2C DD 1C 34 
F7 1C BF 25 FF 23 D3 3B 59 E7 82 97 
37 BE 31 24 D8 18 C8 F3 49 39 5B B7 
E2 E5 27 7E FC 8C 45 72 5B 7E 3E 8F 
68 4D DD 46 7A 22 BE 8E FF CC DA 39 
29 A3 39 E5 9F 43 E9 55 C9 D7 5B A6 
81 67 CC CO AA CD 2E C5 23 


} 


251 A3 129: [3] { 
254 30 127: SEQUENCE { 
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20: 


22: 
20: 


Examples of S/MIME Messages 


SEQUENCE ( 

OBJECT IDENTIFIER 
basicConstraints (2 5 29 19) 
(X.509 id-ce (2 5 29)) 

BOOLEAN TRUE 

OCTET STRING, encapsulates ( 

SEQUENCE () 
} 


} 
SEQUENCE { 


July 2005 


OBJECT IDENTIFIER keyUsage (2 5 29 15) 


(X.509 id-ce (2 5 29)) 
BOOLEAN TRUE 
OCTET STRING, encapsulates { 
BIT STRING 6 unused bits 
CTE 
} 
} 
SEQUENCE { 
OBJECT IDENTIFIER 


authorityKeyIdentifier (2 5 29 35) 


(X.509 id-ce (2 5 29)) 
OCTET STRING, encapsulates ( 
SEQUENCE ( 
[0] 


70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 


3D 20 BC 43 2B 93 F1 1F 


} 
} 
SEQUENCE { 
OBJECT IDENTIFIER 


subjectKeyIdentifier (2 5 29 14) 


(X.509 id-ce (2 5 29)) 
OCTET STRING, encapsulates ( 
OCTET STRING 


64 30 99 7D 5C DC 45 OB 99 3A 52 2F 


16 BF 58 50 DD CE 2B 18 
) 
) 
SEQUENCE ( 
OBJECT IDENTIFIER subjectAltName 
(X.509 id-ce (2 5 29)) 
OCTET STRING, encapsulates ( 
SEQUENCE ( 
[1] ’DianeDSS@example.com’ 


} 


Informational 


(2 5 29 17) 
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} 
: } 
383 30 O SEQUENCE ( 
385 06 7: OBJECT IDENTIFIER dsaWithShal (1 2 840 10040 4 3) 
E (ANSI X9.57 algorithm) 


E ) 
394 03 48: BIT STRING 0 unused bits, encapsulates ( 


397 30 45: SEQUENCE { 


399 02 21: INTEGER 
: 00 A1 1A F8 17 OE 3E 5D A8 8C F4 B6 
i 55 33 1E 4B E3 2C AC B9 5F 
422 02 20: INTEGER 
: 28 4B 10 45 58 D2 1C 9D 55 35 14 18 
91 B2 3F 39 DF B5 6E D3 


} 


DianeRSASignByCarl = 
0 30 556: SEQUENCE { 
4 30 405: SEQUENCE { 
8 AO 24 [0] ( 
10 02 Ls INTEGER 2 
: } 
13 02 16: INTEGER 
: 46 34 6B C7 80 00 56 BC 11 D3 6E 2E 
H D5 9A 30 90 
31 30 133 SEQUENCE ( 
33 06 9 OBJECT IDENTIFIER 
; shalwithRSAEncryption (1 2 840 113549 1 1 5) 
H (PKCS +1) 
44 05 0: NULL 
: } 
46 30 18: SEQUENCE { 
48 31 L6: SET { 
50 30 14: SEQUENCE ( 
52 06 3 OBJECT IDENTIFIER commonName (2 5 4 3) 
: (X.520 id-at (2 5 4)) 
57 13 Ts PrintableString 'CarlRSA' 
: ) 
} 
: ) 
66 30 30: SEQUENCE ( 
68 17 I3: UTCTime '9908190700002' 


83 17 13% UTCTime '3912312359592' 
: ) 
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98 30 1:93 SEQUENCE ( 
100 31 ds SET ( 
102 30 1:5: SEQUENCE ( 
104 06 ue OBJECT IDENTIFIER commonName (2 5 4 3) 
: (X.520 id-at (2 5 4)) 
109-13 85 PrintableString ’DianeRSA’ 
: ) 
} 
: } 
119 30 159: SEQUENCE { 
122 30 13: SEQUENCE ( 
124 06 Os OBJECT IDENTIFIER 
: rsaEncryption (1 2 840 113549 1 1 1) 
: (PKCS +1) 
135 05 0: NULL 
E } 
137030 LAL: BIT STRING 0 unused bits, encapsulates { 
141 30 137: SEQUENCE { 


144 02 129: INTEGER 

: 00 D6 FD B8 CO 70 c6 4C 25 EC EA CF 
EA 7C BB A2 62 FA F0 E6 32 3A 53 FF 
B1 92 5A 17 F4 20 El 99 24 82 OA DO 
F6 7C FB 44 CA 8B 27 06 F1 7E 26 03 
A9 76 9D CF EC AO 2C 70 96 F2 83 42 
F6 D4 B7 28 OA BB F8 BF 4A 4C 19 3F 
07 DB AO C1 60 1E B7 7E 67 F7 DE B1 
C3 60 49 AC 45 D7 F8 C6 EF 08 37 21 
93 47 EE FO 73 35 72 BO 02 C4 F3 11 
C3 5E 47 E5 OA B7 83 F1 DB 74 69 64 
8B 44 1D 95 5D CD 28 CO 85 


276 02 33 INTEGER 65537 
: ) 
) 
: ) 
281 A3 129: [3] ( 
284 30 127: SEQUENCE ( 
286 30 12: SEQUENCE ( 


288 06 33 OBJECT IDENTIFIER 
: basicConstraints (2 5 29 19) 
: (X.509 id-ce (2 5 29)) 

293 01 dg BOOLEAN TRUE 


296 04 2s OCTET STRING, encapsulates ( 
298 30 0: SEQUENCE () 

: } 

: ) 
300 30 14: SEQUENCE ( 


302 06 3s OBJECT IDENTIFIER keyUsage (2 5 29 15) 
: (X.509 id-ce (2 5 29)) 
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428 
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06 


04 
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129; 
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BOOLEAN TRUE 
OCTET STRING, encapsulates ( 
BIT STRING 5 unused bits 
"3 TB 
) 
) 
SEQUENCE ( 

OBJECT IDENTIFIER 
authorityKeyIdentifier (2 5 29 35) 
(X.509 id-ce (2 5 29)) 

OCTET STRING, encapsulates { 

SEQUENCE { 
[0] 
E9 EO 90 27 AC 78 20 7A 9A D3 4C F2 
42 37 4E 22 AE 9E 38 BB 


) 
) 
SEQUENCE ( 
OBJECT IDENTIFIER 
subjectKeyIdentifier (2 5 29 14) 
(X.509 id-ce (2 5 29)) 
OCTET STRING, encapsulates ( 
OCTET STRING 
8C F3 CB 75 OE 8D 31 F6 D4 29 DA 44 
92 75 B8 FE ED 4F 39 OC 


) 
} 
SEQUENCE { 
OBJECT IDENTIFIER subjectAltName (2 5 29 17) 
(X.509 id-ce (2 5 29)) 
OCTET STRING, encapsulates { 
SEQUENCE { 
[1] ’DianeRSA@example.com’ 


} 


} 
} 
SEQUENCE { 
OBJECT IDENTIFIER 
shalwithRSAEncryption (1 2 840 113549 1 1 5) 
(PKCS #1) 
NULL 
} 
BIT STRING 0 unused bits 
7D A6 2C B5 78 42 D6 79 F3 31 FE F6 
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42 CA OF 13 07 92 09 1B EO 6F BO 91 
18 F6 BF 4A FB CC 63 79 FB 81 BF DD 
97 C7 90 6B CB OA 37 2B 41 6A 03 98 
C5 1B 3E 32 C8 45 2B 86 01 9C 1C E2 
36 EF 16 C1 1A 92 B8 BE 62 FB 53 3E 
49 47 OB C4 B9 E4 2B 58 A6 06 83 FO 
B2 A7 BB 85 7E D5 C6 DA CE 9C 7B 31 
72 D7 A2 EA 41 AB 6A CO DD 1F B9 14 
44 18 CF 84 57 66 E8 C5 E6 B8 DC 2D 
B3 1F 1B 28 43 36 75 7A 


2.4. CRLs 
CarlDSSCRLForAll = 
0 30 216: SEQUENCE { 
3 30 153: SEQUENCE ( 
6 30 9: SEQUENCE ( 
8 06 T OBJECT IDENTIFIER dsaWithShal (1 2 840 10040 4 3) 
7 (ANSI X9.57 algorithm) 
: ) 
17 30 18: SEQUENCE ( 
19-91 16: SET ( 
21 30 14: SEQUENCE ( 
23 06 E OBJECT IDENTIFIER commonName (2 5 4 3) 
: (X.520 id-at (2 5 4)) 
28 13 Ts PrintableString 'CarlDSS' 
: } 
} 
E ) 
37 17 13% UTCTime ’9908270700002’ 
52 30 105: SEQUENCE { 
54 30 19: SEQUENCE ( 
56 02 2. INTEGER 200 
60 17 13: UTCTime ’9908220700002’ 
; } 
75 30 19: SEQUENCE { 
77 02 2: INTEGER 201 
81 17 13: UTCTime ’9908220700002’ 
: } 
96 30 19: SEQUENCE { 
98 02 28 INTEGER 211 
102 17 Tas UTCTime ’9908220700002’ 
: } 
117 30 19: SEQUENCE { 
119 02 2s INTEGER 210 


123; £7 13: UTCTime '9908220700002" 
: ) 
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138 30 193 SEQUENCE ( 
140 02 2: INTEGER 212 
144 17 13: UTCTime '9908240700002" 
: ) 
: ) 
: ) 
159 30 9: SEQUENCE ( 
161 06 as OBJECT IDENTIFIER dsaWithShal (1 2 840 10040 4 3) 
: (ANSI X9.57 algorithm) 
E ) 
170 03 47: BIT STRING 0 unused bits, encapsulates { 
173 30 44: SEQUENCE ( 
175 02 20: INTEGER 
E 7E 65 52 76 33 FE 34 73 17 D1 F7 96 
- F9 AO D4 D8 6D 5C 7D 3D 
197 02 20: INTEGER 
: 02 7A 5B B7 D5 5B 18 Cl CF 87 EF 7E 
DA 24 F3 2A 83 9C 35 A1 
} 
} 
} 
CarlDSSCRLForCarl = 
0 30 131: SEQUENCE { 
3 30 68: SEQUENCE ( 
5 30 9: SEQUENCE ( 
7 06 he OBJECT IDENTIFIER dsaWithShal (1 2 840 10040 4 3) 
: (ANSI X9.57 algorithm) 
: } 
16 30 18: SEQUENCE ( 
18 31 16: SET { 
20 30 14: SEQUENCE ( 
22 06 38 OBJECT IDENTIFIER commonName (2 5 4 3) 
: (X.520 id-at (2 5 4)) 
27 13 "ue PrintableString 'CarlDSS' 
: } 
: } 
E ) 
36 17 13: UTCTime ’ 9908250700002’ 
51 30 20: SEQUENCE { 
53 30 18: SEQUENCE { 
55 02 dos INTEGER 1 
58 17 13: UTCTime '9908220700002" 
: ) 
: ) 
: ) 
73 30 9: SEQUENCE { 
75 06 7: OBJECT IDENTIFIER dsaWithShal (1 2 840 10040 4 3) 
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(ANSI X9.57 algorithm) 
E ) 
84 03 48: BIT STRING 0 unused bits, encapsulates ( 
87 30 45: SEQUENCE ( 
89 02 21: INTEGER 
: 00 B3 1F C5 4F 7A 3D EC 76 D5 60 F9 
H DE 79 22 EC 4F BO 90 FE 97 
112 02 20: INTEGER 
H 5A 8B C3 84 BC 66 87 1B BF 79 82 5B 
OA 5D 07 F6 BA A9 05 29 
) 
} 
} 
CarlDSSCRLEmpty = 
0 30 109: SEQUENCE { 
2 30 46: SEQUENCE ( 
4 30 9: SEQUENCE { 
6 06 Ta OBJECT IDENTIFIER dsaWithShal 
: (ANSI X9.57 algorithm) 
: ) 
15 30 18: SEQUENCE ( 
TY 31 16: SET ( 
19 30 14: SEQUENCE ( 
21 06 E OBJECT IDENTIFIER commonName (2 5 4 3) 
: (X.520 id-at (2 5 4)) 
26 13 Ts PrintableString 'CarlDSS' 
: } 
} 
x ) 
35. 17 13: UTCTime ’9908200700002’ 
: } 
50 30 9: SEQUENCE { 
52 06 des OBJECT IDENTIFIER dsaWithShal 
E (ANSI X9.57 algorithm) 
$ } 
61 03 48: BIT STRING 0 unused bits, encapsulates { 
64 30 45: SEQUENCE { 
66 02 20: INTEGER 
: 62 3F 36 17 31 58 2E 67 50 79 F5 09 
: 4B 8C AD D4 6B F4 64 9F 
88 02 21: INTEGER 
: 00 B5 3B 4E Al 4C 7B FD OF C3 8D 9B 
B6 FE C3 5D 6F DE 65 28 7D 
} 
} 
} 
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CarlRSACRLForAll = 
0 30 307: SEQUENCE { 
4 30 157: SEQUENCE { 
7 30 133 SEQUENCE { 
9 06 9 OBJECT IDENTIFIER 
$ md5withRSAEncryption (1 2 840 113549 1 1 4) 
: (PKCS #1) 
20 05 0: NULL 
: } 
22 30 18: SEQUENCE { 
24 31 16: SET { 
26 30 14: SEQUENCE { 
28 06 35 OBJECT IDENTIFIER commonName (2 5 4 3) 
: (X.520 id-at (2 5 4)) 
33:13 que PrintableString 'CarlRSA' 
: } 
: ) 
: } 
42 17 13% UTCTime * 9908270700002” 
57 30 105: SEQUENCE ( 
59 30 331 SEQUENCE ( 
61 02 16: INTEGER 
: 46 34 6B C7 80 00 56 BC 11 D3 6E 2E 
: C4 10 B3 BO 
79 17 13% UTCTime ’ 9908220700002’ 
: } 
94 30 33% SEQUENCE { 
96 02 16: INTEGER 
: 46 34 6B C7 80 00 56 BC 11 D3 6E 2E 
: D5 9A 30 90 
114 17 T3 UTCTime '9908220700002"' 
: ) 
129 30 33: SEQUENCE { 
131 02 16: INTEGER 
: 46 34 6B C7 80 00 56 BC 11 D3 6E 2E 
$ CD 5D 71 DO 
149 17 13: UTCTime * 9908240700002” 
: } 
: } 
: } 
164 30 133 SEQUENCE ( 
166 06 9: OBJECT IDENTIFIER 
$ md5withRSAEncryption (1 2 840 113549 1 1 4) 
: (PKCS #1) 
177 05 0: NULL 
: } 
Jo 9-03: 12.9% BIT STRING 0 unused bits 
: BF B3 97 AA 53 F0 32 21 16 2B 77 92 
Hoffman, Ed. Informational [Page 36] 


RFC 4134 Examples of S/MIME Messages July 2005 


7A 6B BB 97 C8 DC EA F1 FA 66 16 30 
OE BS 9E 5C FO 81 D4 5E B3 6E C1 88 
6B 8C D4 5E C5 4D FB 47 5E 66 F3 5D 
AB E5 B4 18 36 60 A8 4D 9C 3C 89 EC 
6F 27 BF 35 50 71 81 C2 B9 44 5B 62 
89 19 12 31 A9 7B 9A D3 CC 66 CB 11 
D9 OB 10 47 77 AD 4F 22 D9 E5 7F 30 
F2 5B FC 94 51 A5 58 76 3B 1F A8 46 
A6 1F F6 Al DE 55 Al ED 31 88 69 97 
OF 08 D3 D4 OC 60 5B 1E 


} 


CarlRSACRLForCarl = 
0 30 236: SEQUENCE { 
3 30 87: SEQUENCE { 
5: 30 13: SEQUENCE ( 
7 06 9: OBJECT IDENTIFIER 
: md5withRSAEncryption (1 2 840 113549 1 1 4) 
: (PKCS +1) 
18 05 0: NULL 
: ) 
20 30 18: SEQUENCE ( 
22 31 16: SET ( 
24 30 14: SEQUENCE ( 
26 06 3 OBJECT IDENTIFIER commonName (2 5 4 3) 
: (X.520 id-at (2 5 4)) 
31.13 Te PrintableString 'CarlRSA' 
: } 
} 
: ) 
40 17 I3: UTCTime '9908250700002' 
55 30 35* SEQUENCE ( 
57 30 33: SEQUENCE ( 
59 02 163 INTEGER 
y 46 34 6B C7 80 00 56 BC 11 D3 6E 2E 
$ 9F F2 50 20 
77 17 I3; UTCTime '’9908220700002’ 
: } 
} 
: ) 
92 30 1.33 SEQUENCE ( 
94 06 9s OBJECT IDENTIFIER 
$ md5withRSAEncryption (1 2 840 113549 1 1 4) 
: (PKCS #1) 
105 05 0: NULL 
: ) 
LOT O3 -129* BIT STRING 0 unused bits 


21 EF 21 D4 C1 1A 85 95 49 6B CA 45 
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62 DC D7 09 FF A9 51 2E 8E D9 47 18 
FA F8 E5 72 DD 4F ED 74 74 E3 F3 65 
32 65 28 2C 9A 1D 57 E5 D5 26 06 EA 
D5 E6 23 95 84 8D OE 89 9E EE 9B OC 
2F CE 07 F7 A3 D1 6B 85 4C OF FF E6 
DD FC DC CD 73 2C 1E 7D DC BO 71 C5 
4C FC 01 6E 52 57 69 1E 39 63 DF 12 
22 30 C7 13 55 94 05 6E 2A 00 A9 5B 
C4 2A 66 94 62 CE 36 33 C2 2B 63 47 
25 9D F3 DE 70 EE 00 56 
) 
CarlRSACRLEmpty - 
0 30 199: SEQUENCE ( 
3 30 50: SEQUENCE ( 
5. 30 13; SEQUENCE ( 
7 06 9: OBJECT IDENTIFIER 
: md5withRSAEncryption 
: (PKCS #1) 
18 05 0: NULL 
: ) 
20 30 18: SEQUENCE ( 
22 31 16: SET ( 
24 30 14: SEQUENCE ( 
26 06 34 OBJECT IDENTIFIER commonName 
: (X.520 id-at (2 5 4)) 
31.13 Te PrintableString 'CarlRSA' 
: } 
: } 
: } 
40 17 T3 UTCTime '9908200700002' 
: } 
592310) 13% SEQUENCE { 
57 06 9s OBJECT IDENTIFIER 
: md5withRSAEncryption 
; (PKCS +1) 
68 05 0: NULL 
: } 
70 03 129: BIT STRING 0 unused bits 
: A9 C5 21 B8 13 7C 74 F3 B5 11 EC 04 
F3 20 45 86 1E OB 6E 7F 83 6D 5F F4 
34 76 06 59 25 OE 04 3D 88 09 88 81 
37 C4 DC 20 98 FA 17 81 OB 37 94 AC 
B4 8F 7B 51 89 14 A4 CB 72 73 14 07 
BC 22 9C 40 A1 07 FC 44 7C 85 OF OB 
88 D1 EE El OE AF F6 16 74 AD Al AF 
C1 00 75 00 64 EA A5 9A F6 OB 08 A2 
DB 95 19 5F A6 A7 B9 39 45 25 OA OE 
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F6 5E 84 E7 F8 B9 5A C9 18 C2 OE B8 
A0 96 BE 81 3A 80 6D C9 
} 
3. Trivial Examples 
This section covers examples of small CMS types. 


3.1. ContentInfo with Data Type, BER 


The object is a ContentInfo containing a Data object in BER format 
that is ExContent. 


0 30 NDEF: SEQUENCE { 


2 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1) 
(PKCS #7) 

13 AO NDEF: [0] 4 

15 24 NDEF: OCTET STRING ( 

17 04 4: OCTET STRING ’This’ 

23 04 24: OCTET STRING ’ is some sample content.’ 


} 
} 
3.2. ContentInfo with Data Type, DER 


The object is a ContentInfo containing a Data object in DER format 
that is ExContent. 


0 30 43: SEQUENCE { 


2 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1) 
(PKCS #7) 
13 AO 30: [0] ( 


15 04 28: OCTET STRING 'This is some sample content.” 
: } 
4. Signed-data 
4.1. Basic Signed Content, DSS 
A SignedData with no attribute certificates, signed by Alice using 
DSS, just her certificate (not Carl’s root cert), no CRL. The 


message is ExContent, and is included in the eContent. There are no 
signed or unsigned attributes. 
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0 30 919: SEQUENCE { 


4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2) 
: (PKCS #7) 
15 AO 904: [0] 4 
19 30 900: SEQUENCE ( 
29:302 ds INTEGER 1 
26 31 9: SET { 
28 30 Ais SEQUENCE { 
30 06 Dus OBJECT IDENTIFIER shal (13 14 3 2 26) 
(OIW) 
) 
: } 
37 30 43: SEQUENCE { 
39 06 9% OBJECT IDENTIFIER data (1 2 840 113549 1 7 1) 
: (PKCS #7) 
50 AO 30: [0] { 
52 04 28: OCTET STRING 'This is some sample content.” 
: } 
: } 
82 A0 736: [0] { 
86 30 732: SEQUENCE { 
90 30 667: SEQUENCE { 
94 AO 3% [0] ( 
96 02 Le INTEGER 2 
: } 
99. 02 2 INTEGER 200 
103 30 9: SEQUENCE { 


105 06 7: OBJECT IDENTIFIER 
: dsaWithShal (1 2 840 10040 4 3) 
(ANSI X9.57 algorithm) 
: } 
114 30 18: SEQUENCE { 


116 31 16: SET { 
118 30 14: SEQUENCE { 


120 06 jt OBJECT IDENTIFIER 
: commonName (2 5 4 3) 
(X.520 id-at (2 5 4)) 


125. 13 Ts PrintableString 'CarlDSS' 
: } 
} 
: ) 
134 30 30: SEQUENCE { 
136 17 133 UTCTime '’9908170110492’ 
151 17 135 UTCTime '391231235959Z' 
: ) 
166 30 19: SEQUENCE ( 
168 31 174 SET { 
170 30 15's SEQUENCE { 
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172 06 3 OBJECT IDENTIFIER 
$ commonName (2 5 4 3) 
(X.520 id-at (2 5 4)) 


MIT 13 8: PrintableString ’AliceDSS’ 
: ) 
) 
: } 
187 30 438: SEQUENCE { 
191 30 299: SEQUENCE { 


195 06 "he OBJECT IDENTIFIER 
: dsa (1 2 840 10040 4 1) 
: (ANSI X9.57 algorithm) 
204 30 286: SEQUENCE ( 
208 02 129: INTEGER 
: 00 81 8D CD ED 83 EA OA 9E 39 3E C2 
48 28 A3 E4 47 93 DD OE D7 A8 OE EC 
53 C5 AB 84 08 4F FF 94 El 73 48 7E 
OC D6 F3 44 48 D1 FE 9F AF A4 Al 89 
2F El D9 30 C8 36 DE 3F 9B BF B7 4C 
DC 5F 69 8A E4 75 DO 37 OC 91 08 95 
9B DE A7 5E F9 FC F4 9F 2F DD 43 A8 
8B 54 F1 3F BO 07 08 47 4D 5D 88 C3 
C3 B5 B3 E3 55 08 75 D5 39 76 10 C4 
78 BD FF 9D BO 84 97 37 F2 EA 51 1B 
i B5 E4 09 96 5C F3 7E 5B DB 
340 02 21: INTEGER 
: 00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F 
B8 37 21 2B 62 8B F7 93 CD 
INTEGER 
26 38 DO 14 89 32 AA 39 FB 3E 6D D9 
4 
e 


363 02 128: 


B 59 6A 4C 76 23 39 04 02 35 5C F2 
B 1A 30 C3 1E 50 5D DD 9B 59 E2 CD 
AA 05 3D 58 CO 7B A2 36 B8 6E 07 AF 
7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B 
3E 90 F8 6D EA 9C C9 21 8A 3B 76 14 
E9 CE 2E 5D A3 07 CD 23 85 B8 2F 30 
01 7C 6D 49 89 11 89 36 44 BD F8 C8 
95 4A 53 56 B5 E2 F9 73 EC 1A 61 36 
1F 11 7F C2 BD ED D1 50 FF 98 74 C2 
D1 81 4A 60 39 BA 36 39 


494 03 132: BIT STRING 0 unused bits, encapsulates ( 
498 02 128: INTEGER 

: 5C E3 B9 5A 75 14 96 OB A9 7A DD E3 

3F A9 EC AC 5E DC BD B7 13 11 34 A6 

16 89 28 11 23 D9 34 86 67 75 75 13 

12 3D 43 5B 6F E5 51 BF FA 89 F2 A2 
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1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45 
A5 AO 4A E3 85 D6 CE 06 80 3F E8 23 
7E 1A F2 24 AB 53 1A B8 27 0D 1E EF 
08 BF 66 14 80 5C 62 AC 65 FA 15 8B 
F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4 
32 84 FO 7E 41 40 FD 46 A7 63 4E 33 
F2 A5 E2 F4 F2 83 E5 B8 


) 
[3] ( 
SEQUENCE ( 
SEQUENCE ( 

OBJECT IDENTIFIER 
basicConstraints (2 5 29 19) 
(X.509 id-ce (2 5 29)) 

BOOLEAN TRUE 

OCTET STRING, encapsulates ( 

SEQUENCE () 
) 


) 
SEQUENCE ( 
OBJECT IDENTIFIER 
keyUsage (2 5 29 15) 
(X.509 id-ce (2 5 29)) 
BOOLEAN TRUE 
OCTET STRING, encapsulates ( 
BIT STRING 6 unused bits 
'11'B 


) 
) 
SEQUENCE ( 

OBJECT IDENTIFIER 
authorityKeyIdentifier (2 5 29 35) 
(X.509 id-ce (2 5 29)) 

OCTET STRING, encapsulates ( 

SEQUENCE ( 
[0] 
70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 
3D 20 BC 43 2B 93 Fl 1F 
) 


} 
} 
SEQUENCE { 

OBJECT IDENTIFIER 
subjectKeyIdentifier (2 5 29 14) 
(X.509 id-ce (2 5 29)) 

OCTET STRING, encapsulates ( 

OCTET STRING 
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BE 6C Al B3 E3 Cl F7 ED 43 70 A4 CE 
13 01 E2 FD E3 97 FE CD 
) 
: ) 
728 30 OT. SEQUENCE ( 
730 06 3: OBJECT IDENTIFIER 
: subjectAltName (2 5 29 17) 


: (X.509 id-ce (2 5 29)) 
735 04 24: OCTET STRING, encapsulates ( 


737 30 22: SEQUENCE ( 
739 81 20: [1] ’AliceDSS@example.com’ 

: ) 

} 
} 
} 
} 

: } 

761 30 91 SEQUENCE ( 


763 06 T OBJECT IDENTIFIER 
7 dsaWithShal (1 2 840 10040 4 3) 
(ANSI X9.57 algorithm) 
: } 
772 03 48: BIT STRING 0 unused bits, encapsulates { 


775 30 45: SEQUENCE { 


777 02 20: INTEGER 
: 55 0C A4 19 LE 42 2B 89 71 22 33 8D 
: 83 6A B5 3D 67 6B BF 45 
799 02 zl. INTEGER 
: 00 9F 61 53 52 54 OB 5C B2 DD DA E7 
76 1D E2 10 52 5B 43 5E BD 


) 
: } 
822 31 99: SET { 


824 30 97: SEQUENCE ( 
826 02 1: INTEGER 1 
829 30 24: SEQUENCE { 
831 30 18: SEQUENCE ( 
833 31 16: SET ( 
835 30 14: SEQUENCE ( 
837 06 3 OBJECT IDENTIFIER 
: commonName (2 5 4 3) 
H (X.520 id-at (2 5 4)) 
842 13 T3 PrintableString 'CarlDSS' 


} 
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851 02 2: INTEGER 200 
$ } 

855 30 7: SEQUENCE { 

857 06 5: OBJECT IDENTIFIER shal (1 3 14 3 2 26) 
: (OIW) 
; } 

864 30 9: SEQUENCE { 


866 06 Ta OBJECT IDENTIFIER 
H dsaWithShal (1 2 840 10040 4 3) 
(ANSI X9.57 algorithm) 
2 } 
875 04 46: OCTET STRING, encapsulates { 


877 30 44: SEQUENCE ( 


879 02 20: INTEGER 
E 09 91 FE EB D2 69 F5 18 B7 D7 CD 55 
: F4 81 EA 2A 42 6A AD 03 
901 02 20: INTEGER 
: 3A 07 CC C3 21 BE El 1A 4B 7F 3E B5 
OD DB BA 1C EA BC CD 89 


Basic Signed Content, RSA 


Same as 4.1, except using RSA signatures. A SignedData with no 
attribute certificates, signed by Alice using RSA, just her 
certificate (not Carl's root cert), no CRL. The message is 
ExContent, and is included in the eContent. There are no signed or 
unsigned attributes. 


0 30 850: SEQUENCE { 


4 06 9 OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2) 
(PKCS #7) 
15 AO 835: [01 { 
19 30 831: SEQUENCE { 
23 02 T; INTEGER 1 
26,31 TT SET ( 
28 30 9: SEQUENCE { 
30 06 de OBJECT IDENTIFIER shal (1 3 14 3 2 26) 
: (OIW) 
37 05 0: NULL 


} 
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39 30 43: SEQUENCE { 

41 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1) 
: (PKCS #7) 

52 AO 30: [01 { 

54 04 28: OCTET STRING 'This is some sample content.’ 
: ) 
: } 

84 AO 560: [0] ( 

88 30 556: SEQUENCE ( 

92 30 405: SEQUENCE ( 

96 A0 3: [0] ( 

98 02 Ts INTEGER 2 
: } 

101 02 16: INTEGER 


46 34 6B C7 80 00 56 BC 11 D3 6E 2E 
H C4 10 B3 BO 
119° 3:0 13% SEQUENCE { 
121 06 Di OBJECT IDENTIFIER 
: shalwithRSAEncryption 
(12 840 113549 1 1 5) 


: (PKCS +1) 
132 05 0: NULL 
: } 
134 30 18: SEQUENCE { 
136 31 16: SET { 
138 30 14: SEQUENCE { 


140 06 33 OBJECT IDENTIFIER 
i commonName (2 5 4 3) 
(X.520 id-at (2 5 4)) 


145 13 Ts PrintableString 'CarlRSA' 
: ) 
) 
: ) 
154 30 30: SEQUENCE ( 
156 17 13% UTCTime '9909190108472' 
Tub d 13 UTCTime '3912312359592' 
: ) 
186 30 193 SEQUENCE ( 
188 31 Ls SET { 
190 30 o: SEQUENCE ( 


192 06 Que OBJECT IDENTIFIER 

: commonName (2 5 4 3) 

i (X.520 id-at (2 5 4)) 
197 13 8: PrintableString 'AliceRSA' 

: ) 

) 

: ) 

207 30 159: SEQUENCE { 
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SEQUENCE { 
OBJECT IDENTIFIER 
rsaEncryption (1 2 840 113549 1 1 1) 
(PKCS #1) 
NULL 
} 
BIT STRING 0 unused bits, encapsulates { 
SEQUENCE { 
INTEGER 
00 EO 89 73 39 8D D8 F5 F5 E8 87 76 
39 7F 4E BO 05 BB 53 83 DE OF B7 AB 
DC 7D C7 75 29 OD 05 2E 6D 12 DF A6 
86 26 D4 D2 6F AA 58 29 FC 97 EC FA 
82 51 OF 30 80 BE B1 50 9E 46 44 F1 
2C BB D8 32 CF C6 68 6F 07 D9 BO 60 
AC BE EE 34 09 6A 13 F5 F7 05 05 93 
DF 5E BA 35 56 D9 61 FF 19 7F C9 81 
E6 F8 6C EA 87 40 70 EF AC 6D 2C 74 
9F 2D FA 55 3A B9 99 77 02 A6 48 52 
8C 4E F3 57 38 57 74 57 5F 
INTEGER 65537 
} 


} 
[3] ( 
SEQUENCE ( 
SEQUENCE ( 

OBJECT IDENTIFIER 
basicConstraints (2 5 29 19) 
(X.509 id-ce (2 5 29)) 

BOOLEAN TRUE 

OCTET STRING, encapsulates ( 

SEQUENCE () 
} 


} 
SEQUENCE { 
OBJECT IDENTIFIER 
keyUsage (2 5 29 15) 
(X.509 id-ce (2 5 29)) 
BOOLEAN TRUE 
OCTET STRING, encapsulates { 
BIT STRING 6 unused bits 
'11'B 


} 
} 
SEQUENCE { 
OBJECT IDENTIFIER 
authorityKeyIdentifier (2 5 29 35) 


Informational [Page 46] 


RFC 4134 


411 
413 
415 


Z3: 
439 


444 


446 


468 


470 


475 
477 
479 


501 
503 


514 


516 


Hoffman, 


04 
30 
80 


30 
06 


04 


04 


30 


06 


04 
30 
81 


30 


05 


03 


Ed. 


24: 
22: 
20: 


22: 
20: 


22: 
20: 


129: 


Examples of S/MIME Messages July 2005 


(X.509 id-ce (2 5 29)) 
OCTET STRING, encapsulates ( 
SEQUENCE ( 
[0] 
E9 EO 90 27 AC 78 20 7A 9A D3 4C F2 
42 37 4E 22 AE 9E 38 BB 
} 


} 
} 
SEQUENCE { 

OBJECT IDENTIFIER 
subjectKeyIdentifier (2 5 29 14) 
(X.509 id-ce (2 5 29)) 

OCTET STRING, encapsulates ( 

OCTET STRING 
77 D2 B4 D1 B7 4C 8A 8A A3 CE 45 9D 
CE EC 3C AO 3A E3 FF 50 

) 


} 
SEQUENCE { 

OBJECT IDENTIFIER 
subjectAltName (2 5 29 17) 
(X.509 id-ce (2 5 29)) 

OCTET STRING, encapsulates { 

SEQUENCE { 
[1] 'AliceRSAGexample.com' 
} 


} 
} 
SEQUENCE { 
OBJECT IDENTIFIER 
shalwithRSAEncryption 
(1 2 840 113549 1 1 5) 
(PKCS +1) 
NULL 
} 
BIT STRING 0 unused bits 
3E 70 47 A8 48 CC 13 58 8F CA 51 71 
6B 4E 36 18 5D 04 7E 80 B1 8D 4D CC 
CA A3 8F CC 7D 56 C8 BC CF 6E B3 1C 
59 A9 20 AA 05 81 A8 4E 25 AD A7 70 
14 75 2F F5 C7 9B D1 OE E9 63 D2 64 
B7 C6 66 6E 73 21 54 DF F4 BA 25 5D 
7D 49 D3 94 6B 22 36 74 73 B8 4A EC 
2F 64 ED D3 3D D2 A7 42 C5 E8 37 8A 
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B4 DB 9F 67 E4 BD 9F F9 FE 74 EF EA 
F9 EE 63 6A D8 3F 4B 25 09 B5 D8 1A 
76 AE EB 9B DB 49 BO 22 
} 
} 
SET { 
SEQUENCE { 
INTEGER 1 
SEQUENCE { 
SEQUENC 
SET { 
SEQUENCE { 
OBJECT IDENTIFIER 
commonName (2 5 4 3) 
(X.520 id-at (2 5 4)) 
PrintableString 'CarlRSA' 
} 
} 


E 


{ 


} 
INTEGER 
46 34 6B C7 80 00 56 BC 11 D3 6E 2E 
C4 10 B3 BO 
} 
SEQUENCE { 
OBJECT IDENTIFIER shal (1 3 14 3 2 26) 
(OIW) 
NULL 
} 
SEQUENCE { 
OBJECT IDENTIFIER 
rsaEncryption (1 2 840 113549 1 1 1) 
(PKCS +1) 
NULL 
} 
OCTET STRING 
2F 23 82 D2 F3 09 5F B8 OC 58 EB 4E 
9D BF 89 9A 81 E5 75 C4 91 3D D3 DO 
D5 7B B6 D5 FE 94 Al 8A AC E3 C4 84 
F5 CD 60 4E 27 95 F6 CF 00 86 76 75 
3F 2B FO E7 D4 02 67 A7 F5 C7 8D 16 
04 A5 B3 B5 E7 DY 32 FO 24 EF E7 20 
44 D5 9F 07 C5 53 24 FA CE 01 1D OF 
17 13 A7 2A 95 9D 2B E4 03 95 14 OB 
E9 39 0D BA CE 6E 9C 9E OC E8 98 E6 
55 13 D4 68 6F DO 07 D7 A2 B1 62 4C 
E3 8F AF FD EO D5 5D C7 
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) 
.3. Basic Signed Content, Detached Content 


Same as 4.1, except with no eContent. A SignedData with no attribute 
certificates, signed by Alice using DSS, just her certificate (not 
Carl’s root cert), no CRL. The message is ExContent, but the 
eContent is not included. There are no signed or unsigned 
attributes. 


0 30 887: SEQUENCE { 


4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2) 
(PKCS #7) 
15 AO 872: [0] { 
19 30 868: SEQUENCE { 
23 02 1: INTEGER 1 
26 31 9: SET { 
28 30 7: SEQUENCE { 
30 06 5: OBJECT IDENTIFIER shal (1 3 14 3 2 26) 
(OIW) 
} 
: } 
37 30 11: SEQUENCE { 
39 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1) 
E (PKCS #7) 
: ) 
50 AO 736: [0] { 
54 30 732: SEQUENCE { 
58 30 667: SEQUENCE { 
62 AO 3: [0] ( 
64 02 1: INTEGER 2 
; } 
67 02 2: INTEGER 200 
71 30 9: SEQUENCE { 


73 06 7: OBJECT IDENTIFIER 
: dsaWithShal (1 2 840 10040 4 3) 
(ANSI X9.57 algorithm) 
: } 
82 30 18: SEQUENCE { 


84 31 16: SET { 
86 30 14: SEQUENCE { 


88 06 3% OBJECT IDENTIFIER 
: commonName (2 5 4 3) 
: (X.520 id-at (2 5 4)) 
93-13 us PrintableString 'CarlDSS' 
: } 
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) 
: } 
102 30 30: SEQUENCE { 


104 17 13: UTCTime ’ 9908170110492’ 

119 17 13: UTCTime ’ 3912312359592’ 
: } 

134 30 19: SEQUENCE { 

136 31 17: SET { 

138 30 T53 SEQUENCE { 


140 06 3: OBJECT IDENTIFIER 
: commonName (2 5 4 3) 
(X.520 id-at (2 5 4)) 


145 13 8: PrintableString ’AliceDSS’ 
: } 
} 
: } 
155 30 438: SEQUENCE { 
159 30 299: SEQUENCE { 


163 06 Ws OBJECT IDENTIFIER 
: dsa (1 2 840 10040 4 1) 
: (ANSI X9.57 algorithm) 
172 30 286: SEQUENCE { 
176 02 129: INTEGER 
: 00 81 8D CD ED 83 EA OA 9E 39 3E C2 
48 28 A3 E4 47 93 DD OE D7 A8 OE EC 
53 C5 AB 84 08 4F FF 94 El 73 48 7E 
OC D6 F3 44 48 D1 FE 9F AF A4 Al 89 
2F El D9 30 C8 36 DE 3F 9B BF B7 4C 
DC 5F 69 8A E4 75 DO 37 OC 91 08 95 
9B DE A7 5E F9 FC F4 9F 2F DD 43 A8 
8B 54 F1 3F BO 07 08 47 4D 5D 88 C3 
C3 B5 B3 E3 55 08 75 D5 39 76 10 C4 
78 BD FF 9D BO 84 97 37 F2 EA 51 1B 
: B5 E4 09 96 5C F3 7E 5B DB 
308 02 Al's INTEGER 
: 00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F 


: B8 37 21 2B 62 8B F7 93 CD 
331 02 128: INTEGER 
E 26 38 D0 14 89 32 AA 39 FB 3E 6D D9 
4B 59 6A 4C 76 23 39 04 02 35 5C F2 
CB 1A 30 C3 1E 50 5D DD 9B 59 E2 CD 
AA 05 3D 58 CO 7B A2 36 B8 6E 07 AF 
7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B 
3E 90 F8 6D EA 9C C9 21 8A 3B 76 14 
E9 CE 2E 5D A3 07 CD 23 85 B8 2F 30 
01 7C 6D 49 89 11 89 36 44 BD F8 C8 
95 4A 53 56 B5 E2 F9 73 EC 1A 61 36 
1F 11 7F C2 BD ED D1 50 FF 98 74 C2 
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D1 81 4A 60 39 BA 36 39 
} 


462 03 132: BIT STRING 0 unused bits, encapsulates { 
466 02 128: INTEGER 
: 5C E3 B9 5A 75 14 96 OB A9 7A DD E3 

3F A9 EC AC 5E DC BD B7 13 11 34 A6 
16 89 28 11 23 D9 34 86 67 75 75 13 
12 3D 43 5B 6F E5 51 BF FA 89 F2 A2 
1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45 
A5 AO 4A E3 85 D6 CE 06 80 3F E8 23 
7E 1A F2 24 AB 53 1A B8 27 OD 1E EF 
08 BF 66 14 80 5C 62 AC 65 FA 15 8B 
F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4 
32 84 FO 7E 41 40 FD 46 A7 63 4E 33 
F2 A5 E2 F4 F2 83 E5 B8 
} 


: } 
597 A3 129: [3] { 


600 30 127: SEQUENCE { 
602 30 12: SEQUENCE { 
604 06 3% OBJECT IDENTIFIER 
: basicConstraints (2 5 29 19) 
: (X.509 id-ce (2 5 29)) 
609 01 T BOOLEAN TRUE 
612 04 2: OCTET STRING, encapsulates ( 
614 30 0: SEQUENCE () 
: } 
: } 
616 30 14: SEQUENCE { 
618 06 3: OBJECT IDENTIFIER 
4 keyUsage (2 5 29 15) 
E (X.509 id-ce (2 5 29)) 
623 01 ile BOOLEAN TRUE 
626 04 4: OCTET STRING, encapsulates { 
628 03 2 BIT STRING 6 unused bits 
. Le a B= 
} 
: } 
632 30 314 SEQUENCE { 
634 06 je OBJECT IDENTIFIER 
: authorityKeyIdentifier (2 5 29 35) 
: (X.509 id-ce (2 5 29)) 
639 04 24: OCTET STRING, encapsulates ( 
641 30 22: SEQUENCE ( 


643 80 20: [0] 
: 70 44 3E 82 2E 6F 87 DE 4A D3 75 ES3 
3D 20 BC 43 2B 93 Fl 1F 
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665 
667 


672 
674 


696 
698 


703 
705 
707 


729 
731 


740 
743 
745 


767 


790 
792 
794 
797 
299 
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30 
06 


04 
04 


30 
06 


04 
30 
81 


30 
06 


03 
30 
02 


02 


31 
30 
02 
30 
30 
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22: 
20: 


22: 
20: 


Ailes 
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} 
} 
SEQUENCE { 

OBJECT IDENTIFIER 
subjectKeyIdentifier (2 5 29 14) 
(X.509 id-ce (2 5 29)) 

OCTET STRING, encapsulates ( 

OCTET STRING 
BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE 
13 01 E2 FD E3 97 FE CD 

) 


} 
SEQUENCE { 

OBJECT IDENTIFIER 
subjectAltName (2 5 29 17) 
(X.509 id-ce (2 5 29)) 

OCTET STRING, encapsulates ( 

SEQUENCE ( 
[1] ’AliceDSS@example.com’ 
) 


) 
) 
SEQUENCE ( 
OBJECT IDENTIFIER 
dsaWithShal (1 2 840 10040 4 3) 
(ANSI X9.57 algorithm) 
) 
BIT STRING 0 unused bits, encapsulates ( 
SEQUENCE ( 
INTEGER 
55 0C A4 19 1F 42 2B 89 71 22 33 8D 
83 6A B5 3D 67 6B BF 45 
INTEGER 
00 9F 61 53 52 54 OB 5C B2 DD DA E7 
76 1D E2 10 52 5B 43 5E BD 


) 

) 

SET ( 

SEQUENCE ( 
INTEGER 1 
SEQUENCE ( 

SEQUENCE ( 
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801 31 16: SET ( 
803 30 14: SEQUENCE ( 
805 06 9 OBJECT IDENTIFIER 
: commonName (2 5 4 3) 
: (X.520 id-at (2 5 4)) 
810 13 pe PrintableString 'CarlDSS' 
: ) 
) 
: ) 
819 02 23 INTEGER 200 
: ) 
823 30 VES SEQUENCE { 
825 06 9% OBJECT IDENTIFIER shal (1 3 14 3 2 26) 
: (OIW) 
: } 
832 30 9: SEQUENCE { 


834 06 7: OBJECT IDENTIFIER 
: dsaWithShal (1 2 840 10040 4 3) 
(ANSI X9.57 algorithm) 
: } 
843 04 46: OCTET STRING, encapsulates { 


845 30 44: SEQUENCE { 


847 02 20: INTEGER 
: 06 FB C7 2A 24 D5 34 89 F7 8B B5 FD 
: 73 24 A5 86 C8 OF 5A 6C 
869 02 20: INTEGER 
E 66 69 19 BC 68 58 D1 8D B1 9D 52 3F 
DA 14 88 0D FD C9 Al B8 


4.4. Fancier Signed Content 


Same as 4.1, but includes Carl's root cert, Carl's CRL, some signed 
and unsigned attributes (Countersignature by Diane). A SignedData 
with no attribute certificates, signed by Alice using DSS, her 
certificate and Carl's root cert, Carl's DSS CRL. The message is 
ExContent, and is included in the eContent. The signed attributes 
are Content Type, Message Digest and Signing Time; the unsigned 
attributes are content hint and counter signature. The message 
includes also Alice's RSA certificate. 
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99 


117 
T19 


130 


132 
134 
136 
138 


143 


152 
154 
169 
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30 2829: 
06 9 
AO 2814: 
30 2810: 
02 1: 
31 9: 
30 Ws 
06 5 
30 43 
06 9 
AO 30: 
04 284 
AO 1967: 
30- 5563 
30 405: 
AO 3 
02 des 
02 16: 
30 13: 
06 9: 
05 0: 
30 18: 
31 16: 
30 T4 
06 3 
13 Iss 
30 30: 
17 13 
17 13: 
Ed. 
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SEQUENCE { 
OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2) 
(PKCS #7) 
[0] 4 
SEQUENCE { 
INTEGER 1 
SET { 
SEQUENCE ( 
OBJECT IDENTIFIER shal (1 3 14 3 2 26) 
(OIW) 


) 
} 
SEQUENCE { 
OBJECT IDENTIFIER data (1 2 840 113549 1 7 1) 
(PKCS #7) 
[01 { 
OCTET STRING 'This is some sample content.’ 
} 
} 
[01 { 
SEQUENCE { 
SEQUENCE { 
[01 { 
INTEGER 2 
} 
INTEGER 
46 34 6B C7 80 00 56 BC 11 D3 6E 2E 
C4 10 B3 BO 
SEQUENCE { 
OBJECT IDENTIFIER 
shalwithRSAEncryption 
(2. 22> 840) 113549 dod: 53 
(PKCS #1) 
NULL 
} 
SEQUENCE { 
SET { 
SEQUENCE { 
OBJECT IDENTIFIER 
commonName (2 5 4 3) 
(X.520 id-at (2 5 4)) 
PrintableString 'CarlRSA' 
) 
) 


} 

SEQUENCE { 
UTCTime ’ 9909190108472’ 
UTCTime '3912312359592' 


Informational [Page 54] 


RFC 4134 Examples of S/MIME Messages July 2005 


: ) 
184 30 19: SEQUENCE ( 


186 31 Tire SET ( 
188 30 155 SEQUENCE { 


190 06 3: OBJECT IDENTIFIER 
E commonName (2 5 4 3) 
(X.520 id-at (2 5 4)) 


1:95: 3 8: PrintableString ’AliceRSA’ 
: ) 
} 
: } 
205.30. 159; SEQUENCE ( 
208 30 13% SEQUENCE { 
210 06 93 OBJECT IDENTIFIER 
: rsaEncryption (12 840 113549 1 1 1) 
: (PKCS #1) 
221 05 0: NULL 
: } 
223 03 141: BIT STRING 0 unused bits, encapsulates { 
227 30 137: SEQUENCE { 


230 02 129: INTEGER 

: 00 EO 89 73 39 8D D8 F5 F5 E8 87 76 
39 7F 4E BO 05 BB 53 83 DE OF B7 AB 
DC 7D C7 75 29 OD 05 2E 6D 12 DF A6 
86 26 D4 D2 6F AA 58 29 FC 97 EC FA 
82 51 OF 30 80 BE B1 50 9E 46 44 F1 
2C BB D8 32 CF C6 68 6F 07 D9 BO 60 
AC BE EE 34 09 6A 13 F5 F7 05 05 93 
DF 5E BA 35 56 D9 61 FF 19 7F C9 81 
E6 F8 6C EA 87 40 70 EF AC 6D 2C 74 
9F 2D FA 55 3A B9 99 77 02 A6 48 52 
8C 4E F3 57 38 57 74 57 SF 


362 02 33 INTEGER 65537 

: ) 

) 

: } 
367 A3 129: [3] { 
370 30 127: SEQUENCE ( 
372 30 12: SEQUENCE { 
374 06 33 OBJECT IDENTIFIER 


basicConstraints (2 5 29 19) 
(X.509 id-ce (2 5 29)) 


mn 


379 01 BOOLEAN TRUE 
382 04 2s OCTET STRING, encapsulates ( 
384 30 0: SEQUENCE () 
: ) 
$ } 
386 30 14: SEQUENCE ( 
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402 
404 


409 
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413 


435 
437 


442 


444 


466 


468 


473 
475 
477 


499 
501 
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01 
04 
03 


30 
06 


04 
30 
80 


30 
06 


04 


04 


30 


06 


04 
30 
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OBJECT IDENTIFIER 
keyUsage (2 5 29 15) 
(X.509 id-ce (2 5 29)) 
BOOLEAN TRUE 
OCTET STRING, encapsulates ( 
BIT STRING 6 unused bits 
TIIB 


} 
} 
SEQUENCE { 

OBJECT IDENTIFIER 
authorityKeyIdentifier (2 5 29 35) 
(X.509 id-ce (2 5 29)) 

OCTET STRING, encapsulates { 

SEQUENCE { 
[0] 
E9 EO 90 27 AC 78 20 7A 9A D3 4C F2 
42 37 4E 22 AE 9E 38 BB 
} 


} 
} 
SEQUENCE { 

OBJECT IDENTIFIER 
subjectKeyIdentifier (2 5 29 14) 
(X.509 id-ce (2 5 29)) 

OCTET STRING, encapsulates ( 

OCTET STRING 
77 D2 B4 D1 B7 4C 8A 8A A3 CE 45 9D 
CE EC 3C AO 3A E3 FF 50 

) 


} 
SEQUENCE { 

OBJECT IDENTIFIER 
subjectAltName (2 5 29 17) 
(X.509 id-ce (2 5 29)) 

OCTET STRING, encapsulates { 

SEQUENCE { 
[1] 'AliceRSAGexample.com' 
} 


} 
} 
SEQUENCE { 
OBJECT IDENTIFIER 
shalwithRSAEncryption 
(1 2 840 113549 1 1 5) 
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05 


03 


30 
30 
AO 
02 


02 


30 
06 


30 
31 
30 
06 
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16: 
14: 


Examples of S/MIME Messages 


(PKCS +1) 

NULL 
} 

BIT STRING 0 unused bits 
3E 70 47 A8 48 CC 13 58 8F CA 51 
6B 4E 36 18 5D 04 7E 80 B1 8D 4D 
CA A3 8F CC 7D 56 C8 BC CF 6E B3 
59 A9 20 AA 05 81 A8 4E 25 AD A7 
14 75 2F F5 C7 9B D1 OE E9 63 D2 
B7 C6 66 6E 73 21 54 DF F4 BA 25 
7D 49 D3 94 6B 22 36 74 73 B8 4A 
2F 64 ED D3 3D D2 A7 42 C5 E8 37 
B4 DB 9F 67 E4 BD 9F F9 FE 74 EF 
F9 EE 63 6A D8 3F 4B 25 09 B5 D8 
76 AE EB 9B DB 49 BO 22 


} 
SEQUENCE { 
SEQUENCE { 
[0] ( 
INTEGER 2 
) 
INTEGER 1 
SEQUENCE ( 
OBJECT IDENTIFIER 
dsaWithShal (1 2 840 10040 4 
(ANSI X9.57 algorithm) 


) 
SEQUENCE ( 
SET { 
SEQUENCE ( 
OBJECT IDENTIFIER 
commonName (2 5 4 3) 
(X.520 id-at (2 5 4)) 
PrintableString 'CarlDSS' 
) 
} 


} 
SEQUENCE { 
UTCTime '9908162250502" 
UTCTime ’ 3912312359592’ 
} 
SEQUENCE { 
SET { 
SEQUENCE { 
OBJECT IDENTIFIER 
commonName (2 5 4 3) 
(X.520 id-at (2 5 4)) 
PrintableString 'CarlDSS' 
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71 
Cc 
1C 
70 
64 
5D 
EC 
8A 
EA 
1A 


3) 


[Page 57] 


RFC 4134 


745 
749 
753 


762 
766 


898 


921 


1052 
1056 
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30 
30 
06 


30 
02 


02 


02 


03 
02 
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21: 


128: 


133% 
129: 


} 
} 
SEQUENCE { 
SEQUENCE { 
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OBJECT IDENTIFIER 


July 2005 


dsa (1 2 840 10040 4 1) 
(ANSI X9.57 algorithm) 


SEQUENCE { 
INTEGER 
00 B6 49 
01 C4 12 
FB C6 4C 
C8 71 4B 
E4 6D D3 
4A 16 F6 
0A 8A BA 
25 15 51 
FC 70 B7 
B5 Al AF 
AD E1 08 
INTEGER 
00 DD C1 
02 A4 BF 
INTEGER 
OC EE 57 
AF 55 7F 
56 0B 2B 
El 6D 3E 
AD CB AE 
87 0B C7 
AF OE C9 
73 AA 7F 
8A 79 61 
B8 A3 58 
FO 42 C4 
} 


BIT STRING 0 
INTEGER 
00 99 87 
2C 75 BB 
6D B1 62 
B1 A3 8E 
4E B9 60 
CO FB CE 
23 96 19 
08 11 A4 


Informational 


18 3E 8A 44 
C1 7A 79 CB 
B3 OE 94 09 
C7 45 CO 50 
E2 86 48 84 
46 ED DD F6 
16 7B B9 50 
97 55 DC 8F 
CD 30 54 FD 
8B CC 02 88 
D4 6D 29 2D 


2F DF 53 CE 
8A 5D 98 B9 


9B 4B BD DA 
9D ED BC 61 
5B 0C 91 CE 
BD BF FE El 


C1 29 71 94 4C 
54 4D AB 1E 81 
06 EB 01 D4 B1 
25 5D 9C FC DA 
82 7D BA 15 95 
98 D2 BB 7E 8A 
01 48 93 8B EB 
53 OE 10 A9 50 
DA DE A8 AA 22 
E7 8B 70 5F B9 
D6 E9 


OB 34 60 77 3E 
10 D5 


B6 07 6A 74 37 
OD EB 46 59 3C 
A5 62 52 69 CA 
B7 B9 2B 61 3C 


45 E3 06 AC 
CD FO 1C D9 
1D 5A 51 F5 
46 51 1F A9 
B4 D5 2F 53 
06 25 F8 29 
63 65 52 9B 


unused bits, 


74 27 03 66 
El 6C 44 9C 
09 E9 D8 AE 
7A 9B 71 4E 
96 19 24 01 
D8 68 00 E3 
06 94 F4 B1 
OB 26 25 FO 


8C 22 9D 9C 44 
B5 4E 5D 73 DE 
4F 44 79 35 5A 
42 16 9C 48 EB 
22 44 63 1F 86 
CO EF BA EO 75 
0A 


encapsulates { 


AO B1 CO AD DC 
DA 21 6D 4D 47 
1E F2 3A B4 94 
00 94 C9 B4 25 
F3 62 0C FE 75 
FD D5 70 4F DF 
61 8F 3A 57 B1 
52 76 81 EA OB 
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1206 
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1216 
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1232 
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A3 
30 
30 
06 
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06 


01 
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30 
06 


04 
04 
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06 
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22: 
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62 0D 95 2A E6 86 BA 72 B2 A7 50 83 
OB AA 27 CD 1B A9 4D 89 9A D7 8D 18 
39 84 3F 8B C5 56 4D 80 7A 

} 


} 
E34 «1 
SEQUENCE ( 
SEQUENCE { 

OBJECT IDENTIFIER 
basicConstraints (2 5 29 19) 
(X.509 id-ce (2 5 29)) 

BOOLEAN TRUE 

OCTET STRING, encapsulates ( 

SEQUENCE ( 
BOOLEAN TRUE 
} 


} 
} 
SEQUENCE { 
OBJECT IDENTIFIER 
keyUsage (2 5 29 15) 
(X.509 id-ce (2 5 29)) 
BOOLEAN TRUE 
OCTET STRING, encapsulates { 
BIT STRING 1 unused bits 
^1100001'B 


) 
) 
SEQUENCE ( 

OBJECT IDENTIFIER 
subjectKeyIdentifier (2 5 29 14) 
(X.509 id-ce (2 5 29)) 

OCTET STRING, encapsulates ( 

OCTET STRING 
70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 
3D 20 BC 43 2B 93 F1 1F 

} 


} 


} 
} 
SEQUENCE { 
OBJECT IDENTIFIER 
dsaWithShal (1 2 840 10040 4 3) 
(ANSI X9.57 algorithm) 
} 
BIT STRING 0 unused bits, encapsulates { 
SEQUENCE ( 
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1330 
1334 
1336 


1345 
1347 
1349 
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1365 
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1397 
1399 
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02 


02 


30 
30 
AO 
02 


02 
30 
06 


30 
31 
30 
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30 
17 
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30 
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21: 


16: 
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July 2005 


6B A9 FO 4E 7A 5A 79 E3 F9 BE 3D 2B 


C9 06 37 E9 11 17 A1 13 
INTEGER 


00 8F 34 69 2A 8B B1 3C 03 79 94 32 


4D 12 1F CE 89 FB 46 B2 3B 


} 
} 
SEQUENCE { 
SEQUENCE { 
[01 { 
INTEGER 2 
} 
INTEGER 200 
SEQUENCE { 
OBJECT IDENTIFIER 


dsaWithShal (1 2 840 10040 4 3) 


(ANSI X9.57 algorithm) 
} 
SEQUENCE ( 
SET { 
SEQUENCE { 

OBJECT IDENTIFIER 
commonName (2 5 4 3) 
(X.520 id-at (2 5 4)) 

PrintableString 'CarlDSS' 

} 

} 


} 
SEQUENCE ( 
UTCTime ’ 9908170110492’ 
UTCTime ’ 3912312359592’ 
} 
SEQUENCE { 
SET { 
SEQUENCE { 
OBJECT IDENTIFIER 
commonName (2 5 4 3) 
(X.520 id-at (2 5 4)) 
PrintableString ’AliceDSS’ 
} 
} 


} 
SEQUENCE { 
SEQUENCE { 
OBJECT IDENTIFIER 
dsa (1 2 840 10040 4 1) 
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1435 30 286: 
1439 02 129: 


1571 02 21: 


1594 02 128: 


1725. 03: 132; 
1729 02 128: 


1860 A3 129: 
1863 30 127: 
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(ANSI X9.57 
SEQUENCE { 
INTEGER 


0 
4 
5 
0 


0 
B 
I 
2 
4 
C 


AA 


7 
3 
E 
0 


0 
8 
3 
€ 


6 
B 
B 


D 
E 
9 
1 


81 
28 
C3 
D6 
E1 
5F 
DE 
54 
B5 
BD 
E4 


38 
59 
1A 
05 
8A 
90 
CE 
7C 
4A 
11 
81 


8D 
A3 
AB 
F3 
D9 
69 
A7 
F1 
B3 
FF 
09 


NTEGER 


DO 
6A 
30 
3D 
42 
F8 
2E 
6D 
53 
7F 
4A 


BIT STRING 0 
INTEGER 


5 
3 
1 
i 
1 


C 
F 
6 
2 
B 


A5 


T7 


} 
[3] { 


SEQUENCE { 


E 


E3 
A9 
89 
3D 
3E 
AO 
1A 
BF 
BB 
84 
A5 


B9 
EC 
28 
43 
24 
4A 
F2 
66 
34 
FO 
E2 


Informational 


CD 
E4 
84 
44 
30 
8A 
5E 
3F 
E3 
9D 
96 


A6 
2B 


14 
4C 
C3 
58 
25 
6D 
5D 
49 
56 
C2 
60 


unused bits, 


5A 
AC 
11 
5B 
7D 
E3 
24 
14 
D4 
TE 
F4 


Examples of S/MIME Messages 


algorithm) 


ED 
47 
08 
48 
C8 
EA 
F9 
BO 
55 
BO 
5C 


1A 
62 


89 
76 
1E 
co 
A7 
EA 
A3 
89 
B5 
BD 
39 


75 
5E 
23 
6F 
3D 
85 
AB 
80 
D2 
41 
F2 


83 
93 
4F 
D1 
36 
75 
FC 
07 
08 
84 
F3 


45 
8B 


32 
23 
50 
7B 
FA 
9C 
07 
11 
E2 
ED 
BA 


14 
DC 
D9 
E5 
07 
D6 
53 
5C 
96 
40 
83 


96 
BD 
34 
aL 
8D 
CE 
1A 
62 
37 
FD 
E5 


0A 
OE 
94 
9F 
3F 
33 
9F 
47 
D5 
37 
5B 


B8 
93 


39 
04 
DD 
36 
CF 
21 
23 
36 
73 
50 
39 


9E 
D7 
El 
AF 
9B 
el 
2F 
4D 
39 
F2 
DB 


13 
CD 


FB 
02 
9B 
B8 
4A 
8A 
85 
44 
EC 
FF 


July 


39 
A8 
La 
A4 
BF 
91 
DD 
5D 
76 
EA 


C6 


3E 
35 
59 
6E 
08 
3B 
B8 
BD 
1A 
98 


3E 
OE 
48 
Al 
B7 
08 
43 
88 
10 
51 


DA 


6D 
5C 
E2 
07 
5E 
76 
2F 
F8 
61 
74 


2005 


C2 
EC 
7E 
89 
4C 
95 
A8 
C3 
C4 
1B 


8F 


D9 
F2 
CD 
AF 
4B 
14 
30 
C8 
36 
C2 


encapsulates { 


OB 
B7 
86 
BF 
5B 
06 
B8 
AC 
F6 
46 
B8 


A9 
13 
67 
FA 
63 
80 
27 
65 
61 
A7 


7A 
11 
75 
89 
c8 
3F 
OD 
FA 
47 
63 


DD 
34 
75 
F2 
BB 
E8 
1E 
15 
B2 
4E 


E3 
A6 
13 
A2 
45 
23 
EF 
8B 
C4 
33 
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1865 
1867 


1872 
1875 
1877 


1879 
1881 


1886 
1889 
1891 


1895 
1897 


1902 
1904 
1906 


1928 
1930 


1935 


1937 


1959 


1961 


1966 
1968 
1970 


Hoffman, 


30 
06 


01 
04 
30 


30 
06 


01 
04 
03 


30 
06 


04 
30 
80 


30 
06 


04 


04 


30 


06 


04 
30 
81 


Ed. 


A 


22: 
20: 


22: 
20: 


22: 
20: 


Examples of S/MIME Messages 


Informational 


July 2005 


SEQUENCE ( 

OBJECT IDENTIFIER 
basicConstraints (2 5 29 19) 
(X.509 id-ce (2 5 29)) 

BOOLEAN TRUE 

OCTET STRING, encapsulates ( 

SEQUENCE () 
) 


} 
SEQUENCE { 
OBJECT IDENTIFIER 
keyUsage (2 5 29 15) 
(X.509 id-ce (2 5 29)) 
BOOLEAN TRUE 
OCTET STRING, encapsulates { 
BIT STRING 6 unused bits 
'11'B 


} 
} 
SEQUENCE { 

OBJECT IDENTIFIER 
authorityKeyIdentifier (2 5 29 35) 
(X.509 id-ce (2 5 29)) 

OCTET STRING, encapsulates ( 

SEQUENCE ( 
[0] 
70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 
3D 20 BC 43 2B 93 Fl 1F 
) 


} 
} 
SEQUENCE { 

OBJECT IDENTIFIER 
subjectKeyIdentifier (2 5 29 14) 
(X.509 id-ce (2 5 29)) 

OCTET STRING, encapsulates { 

OCTET STRING 
BE 6C Al B3 E3 Cl F7 ED 43 70 A4 CE 
13 01 E2 FD E3 97 FE CD 

} 


} 
SEQUENCE { 

OBJECT IDENTIFIER 
subjectAltName (2 5 29 17) 
(X.509 id-ce (2 5 29)) 

OCTET STRING, encapsulates { 

SEQUENCE { 
[1] ’AliceDSS@example.com’ 
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) 
: } 
1992 30 9: SEQUENCE { 
1994 06 de OBJECT IDENTIFIER 
H dsaWithShal (1 2 840 10040 4 3) 
(ANSI X9.57 algorithm) 
: ) 
2003 03 48: BIT STRING 0 unused bits, encapsulates { 


2006 30 45: SEQUENCE ( 


2008 02 20: INTEGER 
E 55 0C A4 19 1F 42 2B 89 71 22 33 8D 
: 83 6A B5 3D 67 6B BF 45 
2030 02 21: INTEGER 
: 00 9F 61 53 52 54 OB 5C B2 DD DA E7 
76 1D E2 10 52 5B 43 5E BD 


) 
: ) 
2053 Al 219: [1] 4 


2056 30 216: SEQUENCE ( 
2059 30 153: SEQUENCE { 
2062 30 9s SEQUENCE { 
2064 06 7: OBJECT IDENTIFIER 
: dsaWithShal (1 2 840 10040 4 3) 
(ANSI X9.57 algorithm) 
: ) 
2073 30 18: SEQUENCE ( 
2075 31 16: SET ( 
2077 30 14: SEQUENCE ( 
2079 06 jt OBJECT IDENTIFIER 
: commonName (2 5 4 3) 
: (X.520 id-at (2 5 4)) 
2084 13 Ts PrintableString 'CarlDSS' 
: ) 
} 
: } 
2093: 17 13: UTCTime ’9908270700002’ 
2108 30 105: SEQUENCE { 
2110 30 19:: SEQUENCE ( 
2112 02 2: INTEGER 200 
2116 17 135 UTCTime 9908220700002” 
à } 
2131 30 19: SEQUENCE ( 
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2133 
2137 


2152 
2154 
2158 


2173 
2175 
2179 


2194 
2196 
2200 


2215 
2217 


2226 
2229 
2231 


2253 


2275 
2279 
2283 
2286 
2288 
2290 
2292 
2294 


2299 


Hoffman, 


02 
des] 


30 
02 
17 


30 
02 
17 


30 
02 
17 


30 
06 


03 
30 
02 


02 


31 
30 
02 
30 
30 
31 
30 
06 


13 


Ed. 


20: 


Examples of S/MIME Messages 


INTEGER 201 
UTCTime 
} 
SEQUENCE { 
INTEGER 211 
UTCTime 
} 
SEQUENCE { 
INTEGER 210 
UTCTime 
} 
SEQUENCE { 
INTEGER 212 
UTCTime 
} 
} 
} 
SEQUENCE { 
OBJECT IDENTIFIER 
dsaWithShal 
(ANSI X9.57 algorithm) 
} 
BIT STRING 0 unused bits, 


SEQUENCE ( 
INTEGER 
7E 65 52 76 33 FE 
F9 AO D4 D8 6D 5C 
INTEGER 
02 7A 5B B7 D5 5B 
DA 24 F3 2A 83 9C 
) 
) 
) 
} 
SET { 
SEQUENCE { 
INTEGER 1 
SEQUENCE { 
SEQUENCE ( 
SET { 
SEQUENCE { 
OBJECT IDENTIFIER 
commonName (2 5 


(X.520 id-at (2 


July 2005 


' 9908220700002’ 


' 9908220700002’ 


' 9908220700002’ 


' 9908240700002’ 


(1 2 840 10040 4 3) 


encapsulates { 
34 73 17 D1 F7 96 
7D 3D 


18 C1 CF 87 EF 7E 
35 A1 


4 3) 
5 4)) 


PrintableString 'CarlDSS' 


} 


Informational 
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2308 
2312 
2314 


2321 
2323 
2325 


2336 


2338 


2349 


2351 


2362 
2364 


2379 
2381 


2392 
2394 


2416 
2418 


2427 
2429 
2431 


2453 


Hoffman, 


31 
06 


30 


06 


31 
17 


30 
06 


34 
04 


30 
06 


04 
30 
02 


02 


Ed. 


93% 
24: 


I5: 
T3: 


22s 
20: 


20: 


Examples of S/MIME Messages 


INTEGER 200 


} 
SEQUENCE { 


July 2005 


OBJECT IDENTIFIER shal (1 3 14 3 2 26) 


(OIW) 
} 
[01 { 
SEQUENCE { 
OBJECT IDENTIFIER 
contentType (1 2 840 113549 1 
(PKCS #9 (1 2 840 113549 1 9)) 
SET { 
OBJECT IDENTIFIER 
data (1 2 840 113549 1 7 1) 
(PKCS #7) 
} 


} 
SEQUENCE { 
OBJECT IDENTIFIER 
signingTime (1 2 840 113549 1 
(PKCS #9 (1 2 840 113549 1 9)) 
SET { 
UTCTime '0305141539002' 
} 


} 
SEQUENCE { 
OBJECT IDENTIFIER 
messageDigest (1 2 840 113549 
(PKCS #9 (1 2 840 113549 1 9)) 
SET { 
OCTET STRING 


9 3) 


9 5) 


1 9 4) 


40 6A EC 08 52 79 BA 6E 16 02 2D 9E 


06 29 CO 22 96 87 DD 48 


} 
} 
SEQUENCE { 
OBJECT IDENTIFIER 
dsaWithShal (1 2 840 10040 4 3) 
(ANSI X9.57 algorithm) 
} 
OCTET STRING, encapsulates { 
SEQUENCE { 
INTEGER 


3B A5 EO 4A DB 6D 58 EO 19 D1 00 1C 


4F 44 9A 57 7A 71 66 68 
INTEGER 


1A 11 98 D6 1F 1F AF 34 81 01 DE BE 


Informational 
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2475 
2479 
2481 


2494 
2496 
2498 


2532 


2543 
2547 


2558 
2562 
2566 
2569 
2571 
2573 
25715 
2577 


2582 


2591 


2609 
2611 


2618 


Hoffman, 


Al 
30 
06 


3l 
30 
OC 


06 


30 
06 


31 
30 
02 
30 
30 
34 
30 
06 


13 


02 


30 
06 


AO 


Ed. 


354: 
62: 
13:3 


45: 
32:1 


16: 


Y 


67: 


Examples of S/MIME Messages 


8B DC B6 A8 6A 91 69 13 


} 
[1] { 
SEQUENCE { 


OBJECT IDENTIFIER 


id-aa-contentHint 
(1 2 840 113549 1 9 16 2 4) 
(S/MIME Authenticated Attributes 


(1 2 840 113549 1 9 16 2)) 


SET ( 
SEQUENCE ( 


UTF8String 
‘Content Hints Description Buffer’ 
OBJECT IDENTIFIER 


July 2005 


data (12 840 113549 1 7 1) 
(PKCS #7) 


) 
) 
SEQUENCE ( 


OBJECT IDENTIFIER 


countersignature 
(PKCS #9 (1 2 840 113549 1 9)) 


SET ( 
SEQUENCE ( 
INTEGER 1 


SEQUENCE { 
SEQUENCE ( 


SET ( 


SEQUENCE { 


OBJECT IDENTIFIER 


) 
} 
} 
INTEGER 


(1 2 840 113549 1 9 6) 


commonName (2 5 4 3) 
(X.520 id-at (2 5 4)) 
PrintableString 'CarlRSA' 


46 34 6B C7 80 00 56 BC 11 D3 6E 2E 
C4 10 B3 BO 


} 


SEQUENCE { 
OBJECT IDENTIFIER 


shal 
(OIW) 


[01 4 


Informational 


(13143 2 26) 
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2620 
2622 


2633 
2635 


2650 
2652 


2663 
2665 


2687 
2689 


2700 


2702 


Hoffman, 


30 
06 


31 
T3 


30 
06 


31 
04 


30 
06 


05 


04 


Ed. 


22: 
20: 


128: 


SEQUENCE { 


SEQUENCE ( 


} 


Examples of S/MIME Messages 


OBJECT IDENTIFIER 
signingTime 
(1 2 840 113549 1 9 5) 
(1 2 840 113549 1 


SET { 


} 


(PKCS #9 


UTCTime 


} 


July 


' 0305141539002" 


OBJECT IDENTIFIER 
messageDigest 
(12 840 113549 1 9 4) 
(12 840 113549 1 


SET { 


} 


(PKCS #9 


OCTET STRING 
02 5F 49 4E 39 98 50 85 
1F 7B 9E 69 AA FB D8 33 


} 


SEQUENCE { 
OBJECT IDENTIFIER 
rsaEncryption 


NULL 


} 


(PKCS #1) 


OCTET 


6D 
1F 
BC 
7F 
76 
10 
18 
A9 
E8 
DA 
6C 


AA 
2B 
8B 
93 
AE 
E 
DO 
E2 
33 
D3 
33 


STRING 


20 
54 
LE 
6E 
3E 
02 
CC 
71 
6F 
84 
c3 


Informational 


24 
10 
60 
3D 
58 
F1 
2B 
95 
5A 
40 
ED 


ED 


7A 


EE 


(12 840 113549 


A5 


B3 66 D3 


TELE) 


5E 


65 
B5 


FA 
DB 


CE 
8B 


9B 
03 


Bl 
9E 


89 
1F 
8B 
C9 
DO 
3D 
68 
67 


14 
9B 
5B 


C9 
BB 
B4 


E3 
BC 
DB 


6B 
7C 
9A 


87 
2C 
49 
FA 
30 
BB 


91 
D4 
CB 
5F 
3F 


A9 
4E 
C7 
56 
43 


AD 
1F 
D4 
9A 
BF 


D9 
CD 
SF 
62 


46 
74 
C2 
F5 


DD 
78 
F2 
F6 
19 
93 
F8 
6F 
80 
3B 


2005 


8A 


75 
74 
2B 
7D 
4E 
B4 
65 
82 
1B 
OD 


[Page 67] 


RFC 4134 Examples of S/MIME Messages July 2005 


) 
4.5. All RSA Signed Message 


Same as 4.2, but includes Carl’s RSA root cert (but no CRL). A 
SignedData with no attribute certificates, signed by Alice using RSA, 
her certificate and Carl’s root cert, no CRL. The message is 
ExContent, and is included in the eContent. There are no signed or 
unsigned attributes. 


0 30 NDEF: SEQUENCE { 


2 06 Os OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2) 
(PKCS #7) 
13 AO NDEF: [01 { 
15 30 NDEF: SEQUENCE { 
17 02 T INTEGER 1 
20 31 TI; SET { 
22:30 9: SEQUENCE ( 
24 06 9$ OBJECT IDENTIFIER shal (1 3 14 3 2 26) 
: (OIW) 
31 05 0: NULL 
: ) 
: } 
33 30 NDEF: SEQUENCE { 
35 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1) 
: (PKCS #7) 
46 AO NDEF: [0] 4 
48 24 NDEF: OCTET STRING ( 
50 04 4: OCTET STRING 'This' 
56 04 24: OCTET STRING ’ is some sample content.’ 
: ) 
) 
: ) 
88 AO NDEF: [0] ( 
90 30 491: SEQUENCE ( 
94 30 340: SEQUENCE ( 
98 AO 3 [0] ( 
100 02 Ts INTEGER 2 
: } 
103 02 16: INTEGER 
: 46 34 6B C7 80 00 56 BC 11 D3 6E 2E 
: 9F F2 50 20 
121 30 13% SEQUENCE ( 


123 06 9 OBJECT IDENTIFIER 
: shalwithRSAEncryption 
(12 840 113549 1 1 5) 
: (PKCS #1) 
134 05 0: NULL 
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E ) 
136 30 18: SEQUENCE ( 


138 31 16: SET ( 
140 30 14: SEQUENCE { 


142 06 3? OBJECT IDENTIFIER 
E commonName (2 5 4 3) 
(X.520 id-at (2 5 4)) 


147 13 T3 PrintableString 'CarlRSA' 
: } 
} 
: } 
156 30 30: SEQUENCE { 
158 17 13: UTCTime '’ 9908180700002’ 
173: 17 13% UTCTime ’ 3912312359592’ 
: } 
188 30 18: SEQUENCE { 
1:90:31 16% SET { 
192 30 14: SEQUENCE ( 


194 06 3% OBJECT IDENTIFIER 
: commonName (2 5 4 3) 
(X.520 id-at (2 5 4)) 


199 13 Jes PrintableString 'CarlRSA' 
: } 
} 
: ) 
208 30 159: SEQUENCE ( 
21130 13: SEQUENCE ( 
213 06 9: OBJECT IDENTIFIER 
: rsaEncryption (1 2 840 113549 1 1 1) 
: (PKCS +1) 
224 05 0: NULL 
: ) 
226 03 141: BIT STRING 0 unused bits, encapsulates ( 
230 -30 -1373 SEQUENCE { 


233 02 129: INTEGER 
: 00 E4 4B FF 18 B8 24 57 F4 77 FF 6E 
73 7B 93 71 5C BC 33 1A 92 92 72 23 
D8 41 46 DO CD 11 3A 04 B3 8E AF 82 
9D BD 51 1E 17 7A F2 76 2C 2B 86 39 
A7 BD D7 8D 1A 53 EC E4 00 D5 E8 EC 
A2 36 B1 ED E2 50 E2 32 09 8A 3F 9F 
99 25 8F B8 4E AB B9 7D D5 96 65 DA 
16 A0 C5 BE OE AE 44 5B EF 5E F4 A7 
29 CB 82 DD AC 44 E9 AA 93 94 29 OE 
F8 18 D6 C8 57 5E F2 76 C4 F2 11 60 
: 38 B9 1B 3C 1D 97 C9 6A F1 
365 02 34 INTEGER 65537 
: } 
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370 
372 
374 
376 


381 
384 
386 
388 


391 
393 


398 
401 
403 


407 
409 


414 
416 


438 
440 


451 


453 


Hoffman, 


A3 
30 
30 
06 


01 
04 
30 
01 


30 
06 


01 
04 
03 


30 
06 


04 
04 


30 
06 


05 


03 


Ed. 


R00U0éwé 


A 


22s 
20: 


129: 


Examples of S/MIME Messages 


} 
EST. 4 
SEQUENCE ( 
SEQUENCE { 
OBJECT IDENTIFIER 


July 2005 


basicConstraints (2 5 29 19) 


(X.509 id-ce (2 5 29)) 
BOOLEAN TRUE 


OCTET STRING, encapsulates ( 


SEQUENCE ( 
BOOLEAN TRUE 
} 
} 
} 
SEQUENCE { 

OBJECT IDENTIFIER 
keyUsage (2 5 29 15) 
(X.509 id-ce (2 5 29)) 

BOOLEAN TRUE 


OCTET STRING, encapsulates { 
BIT STRING 1 unused bits 


^1100001'B 
} 
} 
SEQUENCE { 
OBJECT IDENTIFIER 


subjectKeyIdentifier (2 5 29 14) 


(X.509 id-ce (2 5 29)) 


OCTET STRING, encapsulates { 


OCTET STRING 


E9 EO 90 27 AC 78 20 7A 9A D3 4C F2 


42 37 4E 22 AE 9E 38 BB 
} 


} 


} 
} 
SEQUENCE { 
OBJECT IDENTIFIER 
shalwithRSAEncryption 
(1 2 840 113549 1 1 5) 
(PKCS +1) 
NULL 
} 
BIT STRING 0 unused bits 


B7 9E D4 04 D3 ED 29 E4 FF 89 89 15 
2E 4C DB OC FO 48 OF 32 61 EE C4 04 


Informational 
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EC 12 5D 2D FF OF 64 59 7E OA C3 ED 
18 FD E3 56 40 37 A7 07 B5 FO 38 12 
61 50 ED EF DD 3F E3 OB B8 61 A5 A4 
9B 3C E6 9E 9C 54 9A B6 95 D6 DA 6C 
3B B5 2D 45 35 9D 49 01 76 FA B9 B9 
31 F9 F9 6B 12 53 AO F5 14 60 9B 7D 


CA 3E F2 53 6B BO 37 6F AD E6 74 D7 
DB FA 5A EA 14 41 63 5D CD BE C8 OE 
C1 DA 6A 8D 53 34 18 02 
E ) 
585 30 556: SEQUENCE ( 


589 30 405: SEQUENCE { 

593 AO 3 [01 4 

595 02 iL ee INTEGER 2 
: } 

598 02 16: INTEGER 


46 34 6B C7 80 00 56 BC 11 D3 6E 2E 
: C4 10 B3 BO 
616 30 13% SEQUENCE ( 
618 06 94 OBJECT IDENTIFIER 
: shalwithRSAEncryption 
(12 840 113549 1 1 5) 


: (PKCS +1) 
629 05 0: NULL 
: } 
631 30 18: SEQUENCE { 
633 31 16: SET { 
635 30 14: SEQUENCE { 


637 06 3% OBJECT IDENTIFIER 
: commonName (2 5 4 3) 
(X.520 id-at (2 5 4)) 


642 13 we PrintableString 'CarlRSA' 
: ) 
} 
: } 
651 30 30: SEQUENCE { 
653 17 13: UTCTime 9909190108472" 
668 17 13; UTCTime '3912312359592' 
: ) 
683 30 19: SEQUENCE { 
685 31 t7; SET { 
687 30 15: SEQUENCE ( 


689 06 3% OBJECT IDENTIFIER 
: commonName (2 5 4 3) 
: (X.520 id-at (2 5 4)) 
694 13 8: PrintableString ’AliceRSA’ 
: } 
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: } 
704 30 159: SEQUENCE { 


707 30 13% SEQUENCE { 
709 06 9: OBJECT IDENTIFIER 
: rsaEncryption (1 2 840 113549 1 1 1) 
: (PKCS #1) 
720 05 0: NULL 
x ) 
722 03 141: BIT STRING 0 unused bits, encapsulates ( 
726 30 137: SEQUENCE ( 


729 02 129: INTEGER 

E 00 EO 89 73 39 8D D8 F5 F5 E8 87 76 
39 7F 4E BO 05 BB 53 83 DE OF B7 AB 
DC 7D C7 75 29 OD 05 2E 6D 12 DF A6 
86 26 D4 D2 6F AA 58 29 FC 97 EC FA 
82 51 OF 30 80 BE B1 50 9E 46 44 F1 
2C BB D8 32 CF C6 68 6F 07 D9 BO 60 
AC BE EE 34 09 6A 13 F5 F7 05 05 93 
DF 5E BA 35 56 D9 61 FF 19 7F C9 81 
E6 F8 6C EA 87 40 70 EF AC 6D 2C 74 
9F 2D FA 55 3A B9 99 77 02 A6 48 52 
8C 4E F3 57 38 57 74 57 5F 


861 02 3: INTEGER 65537 
: ) 
) 
: } 
866 A3 129: [3] { 
869 30 127: SEQUENCE { 
871 30 12: SEQUENCE { 


873 06 3: OBJECT IDENTIFIER 
: basicConstraints (2 5 29 19) 
: (X.509 id-ce (2 5 29)) 

878 01 ds BOOLEAN TRUE 


881 04 2 OCTET STRING, encapsulates ( 
883 30 0: SEQUENCE () 

: } 

: } 
885 30 14: SEQUENCE { 


887 06 St OBJECT IDENTIFIER 

; keyUsage (2 5 29 15) 

: (X.509 id-ce (2 5 29)) 
892 01 T BOOLEAN TRUE 


895 04 4: OCTET STRING, encapsulates ( 
897 03 23 BIT STRING 6 unused bits 
. TTLEB 
} 
$ } 
901 30 ci SEQUENCE { 
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903 


908 
910 
912 


934 
936 


941 


943 


965 


967 


972 
974 
976 


998 
1000 


1011 


1013 


Hoffman, 


06 


04 
30 
80 


30 
06 


04 


04 


30 


06 


04 
30 
81 


30 


05 


03 


Ed. 


22: 
20: 


22: 
20: 


22: 
20: 


129: 
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OBJECT IDENTIFIER 
authorityKeyIdentifier (2 5 29 35) 
(X.509 id-ce (2 5 29)) 

OCTET STRING, encapsulates ( 

SEQUENCE ( 
[0] 
E9 EO 90 27 AC 78 20 7A 9A D3 4C F2 
42 37 4E 22 AE 9E 38 BB 
} 


} 
} 
SEQUENCE ( 

OBJECT IDENTIFIER 
subjectKeyIdentifier (2 5 29 14) 
(X.509 id-ce (2 5 29)) 

OCTET STRING, encapsulates ( 

OCTET STRING 
77 D2 B4 D1 B7 4C 8A 8A A3 CE 45 9D 
CE EC 3C AO 3A E3 FF 50 

) 


) 
SEQUENCE { 

OBJECT IDENTIFIER 
subjectAltName (2 5 29 17) 
(X.509 id-ce (2 5 29)) 

OCTET STRING, encapsulates ( 

SEQUENCE ( 
[1] 'AliceRSAGexample.com' 
} 


} 
} 
SEQUENCE { 
OBJECT IDENTIFIER 
shalwithRSAEncryption 
(1 2 840 113549 1 1 5) 
(PKCS +1) 
NULL 
} 
BIT STRING 0 unused bits 
3E 70 47 A8 48 CC 13 58 8F CA 51 71 
6B 4E 36 18 5D 04 7E 80 B1 8D 4D CC 
CA A3 8F CC 7D 56 C8 BC CF 6E B3 1C 
59 A9 20 AA 05 81 A8 4E 25 AD A7 70 
14 75 2F F5 C7 9B D1 OE E9 63 D2 64 
B7 C6 66 6E 73 21 54 DF F4 BA 25 5D 
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7D 49 D3 94 6B 22 36 74 73 B8 4A EC 
2F 64 ED D3 3D D2 A7 42 C5 E8 37 8A 
B4 DB 9F 67 E4 BD 9F F9 FE 74 EF EA 
F9 EE 63 6A D8 3F 4B 25 09 B5 D8 1A 
76 AE EB 9B DB 49 BO 22 


) 
: } 
1147 31 203: SET { 


1150 30 200: SEQUENCE { 
1153.02 ls INTEGER 1 
1156 30 38: SEQUENCE ( 
1158 30 1:8: SEQUENCE ( 
1160 31 L6: SET { 
1162 30 14: SEQUENCE { 
1164 06 35 OBJECT IDENTIFIER 
: commonName (2 5 4 3) 
: (X.520 id-at (2 5 4)) 
1169 13 T3 PrintableString 'CarlRSA' 
: } 
} 
: ) 
1178 02 16: INTEGER 
: 46 34 6B C7 80 00 56 BC 11 D3 6E 2E 
C4 10 B3 BO 
: } 
1196 30 9: SEQUENCE ( 
1198 06 5s OBJECT IDENTIFIER shal (1 3 14 3 2 26) 
: (OIW) 
1205 05 0: NULL 
: } 
1207 30 13% SEQUENCE { 
1209 06 93 OBJECT IDENTIFIER 
: rsaEncryption (1 2 840 113549 1 1 1) 
: (PKCS +1) 
1220 05 9: NULL 
: } 
1222 04 128: OCTET STRING 


2F 23 82 D2 F3 09 5F B8 OC 58 EB 4E 
9D BF 89 9A 81 E5 75 C4 91 3D D3 DO 
D5 7B B6 D5 FE 94 Al 8A AC E3 C4 84 
F5 CD 60 4E 27 95 F6 CF 00 86 76 75 
3F 2B FO E7 D4 02 67 A7 F5 C7 8D 16 
04 A5 B3 B5 E7 D9 32 FO 24 EF E7 20 
44 D5 9F 07 C5 53 24 FA CE 01 1D OF 
17 13 A7 2A 95 9D 2B E4 03 95 14 OB 
E9 39 OD BA CE 6E 9C 9E OC E8 98 E6 
55 13 D4 68 6F DO 07 D7 A2 B1 62 4C 
E3 8F AF FD EO D5 5D C7 
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4.6. Multiple Signers 


Similar to 4.1, but the message is also signed by Diane. Two 
signerInfos (one for Alice, one for Diane) with no attribute 
certificates, each signed using DSS, Alice's and Diane's certificate 
(not Carl's root cert), no CRL. The message is ExContent, and is 
included in the eContent. There are no signed or unsigned 
attributes. 


0 30 1463: SEQUENCE { 


4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2) 
(PKCS #7) 
15 AO 1448: [0] ( 
19 30 1444: SEQUENCE ( 
23:302 Ls INTEGER 1 
26 31 9: SET { 
28 30 Ta SEQUENCE { 
30 06 5 OBJECT IDENTIFIER shal (13 14 3 2 26) 
(OIW) 
} 
: } 
3130 43: SEQUENCE ( 
39 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1) 
: (PKCS #7) 
50 AO 30: [0] 4 
52 04 28: OCTET STRING 'This is some sample content.” 
: ) 
: } 
82 AO 1180: [0] { 
86 30 440: SEQUENCE { 
90 30 375: SEQUENCE { 
94 AO 3: [0] ( 
96 02 Ls INTEGER 2 
: } 
99 02 Zz INTEGER 210 
103 30 9 SEQUENCE ( 


105 06 7: OBJECT IDENTIFIER 
: dsaWithShal (1 2 840 10040 4 3) 
(ANSI X9.57 algorithm) 
: } 
114 30 18: SEQUENCE { 
116 31 16: SET { 


Hoffman, Ed. Informational [Page 75] 


RFC 4134 Examples of S/MIME Messages July 2005 


118 30 14: SEQUENCE ( 
120 06 3 OBJECT IDENTIFIER 
E commonName (2 5 4 3) 
(X.520 id-at (2 5 4)) 


12:5.- 1:3 de PrintableString 'CarlDSS' 
: } 
} 
: } 
134 30 30: SEQUENCE { 
136 17 13% UTCTime ’ 9908170208102’ 
151 17 13: UTCTime '391231235959Z' 
: } 
166 30 1:9 SEQUENCE { 
168 31 Tu SET { 
170 30 15: SEQUENCE ( 


172 06 33 OBJECT IDENTIFIER 
E commonName (2 5 4 3) 
(X.520 id-at (2 5 4)) 


VIT X13 8: PrintableString ’DianeDSS’ 
: ) 
) 
: } 
187 30 147: SEQUENCE { 
190 30 9: SEQUENCE { 


192 06 y OBJECT IDENTIFIER 
: dsa (12 840 10040 4 1) 
(ANSI X9.57 algorithm) 


201 03 133: BIT STRING 0 unused bits, encapsulates ( 
205 02 129: INTEGER 
: 00 A0 00 17 78 2C EE 7E 81 53 2E 2E 
61 08 OF A1 9B 51 52 1A DA 59 A8 73 
2F 12 25 B6 08 CB CA EF 2A 44 76 8A 
52 09 EA BD 05 22 D5 OF F6 FD 46 D7 
AF 99 38 09 OE 13 CB 4F 2C DD 1C 34 
F7 1C BF 25 FF 23 D3 3B 59 E7 82 97 
37 BE 31 24 D8 18 C8 F3 49 39 5B B7 
E2 E5 27 7E FC 8C 45 72 5B 7E 3E 8F 
68 4D DD 46 7A 22 BE 8E FF CC DA 39 
29 A3 39 E5 9F 43 E9 55 C9 D7 5B A6 
81 67 CC CO AA CD 2E C5 23 
} 
E ) 
337 A3 129: [3] { 


340 30 127: SEQUENCE ( 
342 30 T2; SEQUENCE { 


344 06 3% OBJECT IDENTIFIER 
: basicConstraints (2 5 29 19) 
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349 
352 
354 


356 
358 


363 
366 
368 


312 
374 


319 
381 
383 


405 
407 


412 


414 


436 


438 


443 
445 
447 
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01 
04 
30 


30 
06 


01 
04 
03 


30 
06 


04 
30 
80 


30 
06 


04 


04 


30 


06 


04 
30 
81 
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A 


22: 
20: 


22: 
20: 


22: 
20: 
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(X.509 id-ce (2 5 29)) 
BOOLEAN TRUE 
OCTET STRING, encapsulates ( 
SEQUENCE () 
} 
} 
SEQUENCE { 
OBJECT IDENTIFIER 
keyUsage (2 5 29 15) 
(X.509 id-ce (2 5 29)) 
BOOLEAN TRUE 
OCTET STRING, encapsulates { 
BIT STRING 6 unused bits 
'11'B 


} 
} 
SEQUENCE { 

OBJECT IDENTIFIER 
authorityKeyIdentifier (2 5 29 35) 
(X.509 id-ce (2 5 29)) 

OCTET STRING, encapsulates { 

SEQUENCE { 
[0] 
70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 
3D 20 BC 43 2B 93 Fl 1F 
} 


} 
} 
SEQUENCE { 

OBJECT IDENTIFIER 
subjectKeyIdentifier (2 5 29 14) 
(X.509 id-ce (2 5 29)) 

OCTET STRING, encapsulates ( 

OCTET STRING 
64 30 99 7D 5C DC 45 OB 99 3A 52 2F 
16 BF 58 50 DD CE 2B 18 

} 


} 
SEQUENCE { 

OBJECT IDENTIFIER 
subjectAltName (2 5 29 17) 
(X.509 id-ce (2 5 29)) 

OCTET STRING, encapsulates { 

SEQUENCE { 
[1] ’DianeDSS@example.com’ 


} 
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469 
471 


480 
483 
485 


508 


530 
534 
538 
540 


543 
547 
549 


558 
560 
562 
564 


569 


578 
580 
595 


610 
612 
614 
616 
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30 
06 


03 
30 
02 


02 


30 
30 
AO 
02 


02 
30 
06 


30 
31 
30 
06 


13 


30 
17 
13 


30 
31 
30 
06 
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20: 


16: 
14: 


} 
} 
SEQUENCE { 


Examples of S/MIME Messages 


OBJECT IDENTIFIER 


dsaWithShal 
(ANSI X9.57 algorithm) 


} 


BIT STRING 0 unused bits, 


SEQUENCE { 
INTEGER 
00 Al 

55 33 
INTEGER 
28 4B 

91 B2 


} 
} 
SEQUENCE { 
SEQUENCE { 
[01 { 
INTEGER 2 
} 
INTEGER 200 
SEQUENCE { 


1A F8 17 OE 
1E 4B E3 2C 


10 45 58 D2 
3F 39 DF B5 


OBJECT IDENTIFIER 


dsaWithShal 


July 2005 


(1 2 840 10040 4 3) 


encapsulates { 


3E 
AC 


1C 
6E 


(ANSI X9.57 algorithm) 


) 
SEQUENCE { 
SET { 


SEQUENCE ( 


OBJECT IDENTIFIER 


commonName 
(X.520 id-at 


5D 
B9 


9D 
D3 


(2 5 4 3) 
(2 5 4)) 


A8 8C F4 B6 
SF 


55 35 14 18 


(1 2 840 10040 4 3) 


PrintableString 'CarlDSS' 


) 
) 
) 
SEQUENCE ( 
UTCTime 
UTCTime 
) 
SEQUENCE ( 
SET { 


SEQUENCE { 


OBJECT IDENTIFIER 


Informational 


' 9908170110492" 
"3912312359592" 
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commonName (2 5 4 3) 
(X.520 id-at (2 5 4)) 


621 13 8: PrintableString ’AliceDSS’ 
: } 
} 
: } 
631 30 438: SEQUENCE { 
635 30 299: SEQUENCE { 


639 06 as OBJECT IDENTIFIER 
: dsa (1 2 840 10040 4 1) 
: (ANSI X9.57 algorithm) 
648 30 286: SEQUENCE { 
652 02 129: INTEGER 
: 00 81 8D CD ED 83 EA OA 9E 39 3E C2 
48 28 A3 E4 47 93 DD OE D7 A8 OE EC 
53 C5 AB 84 08 4F FF 94 El 73 48 7E 
OC D6 F3 44 48 Dl FE 9F AF AZ Al 89 
2F El D9 30 C8 36 DE 3F 9B BF B7 4C 
DC 5F 69 8A E4 75 DO 37 OC 91 08 95 
9B DE A7 5E F9 FC F4 9F 2F DD 43 A8 
8B 54 F1 3F BO 07 08 47 4D 5D 88 C3 
C3 B5 B3 E3 55 08 75 D5 39 76 10 C4 
78 BD FF 9D BO 84 97 37 F2 E4 51 1B 
: B5 E4 09 96 5C F3 7E 5B DB 
784 02 21: INTEGER 
2 O E2 47 A6 1A 45 66 B8 13 C6 DA 8F 


0 
: B8 37 21 2B 62 8B F7 93 CD 
807 02 128: INTEGER 
: 26 38 D0 14 89 32 AA 39 FB 3E 6D D9 
4B 59 6A 4C 76 23 39 04 02 35 5C F2 
CB 1A 30 C3 1E 50 5D DD 9B 59 E2 CD 
AA 05 3D 58 CO 7B A2 36 B8 6E 07 AF 
7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B 
3E 90 F8 6D EA 9C C9 21 8A 3B 76 14 
E9 CE 2E 5D A3 07 CD 23 85 B8 2F 30 
01 7C 6D 49 89 11 89 36 44 BD F8 C8 
53 
TE 
4 


95 4A 56 B5 E2 F9 73 EC 1A 61 36 
1r 11 C2 BD ED D1 50 FF 98 74 C2 
D1 81 4A 60 39 BA 36 39 


938 03 132: BIT STRING 0 unused bits, encapsulates ( 
942 02 128: INTEGER 

: 5C E3 B9 5A 75 14 96 OB A9 7A DD E3 

3F A9 EC AC 5E DC BD B7 13 11 34 A6 

16 89 28 11 23 D9 34 86 67 75 75 13 

12 3D 43 5B 6F E5 51 BF FA 89 F2 A2 

1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45 
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1073 
1076 
1078 
1080 


1085 
1088 
1090 


1092 
1094 


1099 
1102 
1104 


1108 
1110 


LITS 
1117 
1119 


1141 
1143 


1148 
1150 
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A3 
30 
30 
06 


01 
04 
30 


30 
06 


01 
04 
03 


30 
06 


04 
30 
80 


30 
06 


04 
04 
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127: 


A 


22: 
20: 


22: 
20: 
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A5 AO 4A E3 85 D6 CE 06 80 3F E8 23 
7E 1A F2 24 AB 53 1A B8 27 OD 1E EF 
08 BF 66 14 80 5C 62 AC 65 FA 15 8B 
F1 BB 34 DA D2 96 37 F6 61 47 B2 C4 
32 84 FO 7E 41 40 FD 46 A7 63 4E 33 
F2 A5 E2 F4 F2 83 E5 B8 


) 
[33.71 
SEQUENCE ( 
SEQUENCE ( 

OBJECT IDENTIFIER 
basicConstraints (2 5 29 19) 
(X.509 id-ce (2 5 29)) 

BOOLEAN TRUE 

OCTET STRING, encapsulates ( 

SEQUENCE () 
} 


} 
SEQUENCE { 
OBJECT IDENTIFIER 
keyUsage (2 5 29 15) 
(X.509 id-ce (2 5 29)) 
BOOLEAN TRUE 
OCTET STRING, encapsulates { 
BIT STRING 6 unused bits 
'11'B 


} 
} 
SEQUENCE { 

OBJECT IDENTIFIER 
authorityKeyIdentifier (2 5 29 35) 
(X.509 id-ce (2 5 29)) 

OCTET STRING, encapsulates ( 

SEQUENCE ( 
[0] 
70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 
3D 20 BC 43 2B 93 Fl 1F 
} 


} 
} 
SEQUENCE { 

OBJECT IDENTIFIER 
subjectKeyIdentifier (2 5 29 14) 
(X.509 id-ce (2 5 29)) 

OCTET STRING, encapsulates ( 

OCTET STRING 
BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE 
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11372 
1174 


1179 
1181 
1183 


1205 
1207 


1216 
1219 
1221 


1243 


1266 
1269 
1231 
1274 
1276 
1278 
1280 
1282 


1287 


1296 


Hoffman, 


30 
06 


04 
30 
81 


30 
06 


03 
30 
02 


02 


31 
30 
02 
30 
30 
31 
30 
06 


13 


02 
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225 
20: 


215 
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13 01 E2 FD E3 97 FE CD 


} 
} 
SEQUENCE { 


OBJECT IDENTIFIER 


subjectAltName 
(2 5 29)) 


(X.509 


id-ce 


OCTET STRING, 
SEQUENCE ( 
"AliceDSS@example.com’ 


[1] 
} 


} 
} 
SEQUENCE { 


OBJECT IDENTIFIER 


(2 5 29 17) 


encapsulates { 


dsaWithShal (1 2 840 10040 4 3) 


(ANSI X9.57 algorithm) 


} 


BIT STRING 0 unused bits, 


SEQUENCE { 
INTEGER 
55 0C A4 
83 6A B5 
INTEGER 
00 9F 61 
76 1D E2 


) 
} 
SET { 
SEQUENCE { 
INTEGER 1 
SEQUENCE { 
SEQUENCE { 
SET { 
SEQUENCE { 


OBJECT IDENTIFIER 


19 1F 
3D 67 


53 52 
10 52 


42 
6B 


54 
5B 


commonName 


(X.520 


} 
} 
} 
INTEGER 200 


Informational 


id-at 


encapsulates { 


2B 
BF 


OB 
43 


89 71 22 33 8D 
45 


5C B2 DD DA E7 
5E BD 


(2 5 4 3) 


(2 5 4)) 
PrintableString 'CarlDSS' 
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1300 
1302 


1309 
1311 


1320 
1322 
1324 


1346 


1368 
1370 
1373 
1375 
1377 
1379 
1381 


1386 


1395 


1399 


1401 


1408 
1410 


1419 
1421 
1423 
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30 
06 


30 
06 


04 
30 
02 


02 


13 


04 
30 
02 
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} 
SEQUENCE { 
OBJECT IDENTIFIER shal (1 3 14 3 2 26) 
(OIW) 
} 
SEQUENCE { 
OBJECT IDENTIFIER 
dsaWithShal (1 2 840 10040 4 3) 
(ANSI X9.57 algorithm) 
} 
OCTET STRING, encapsulates { 
SEQUENCE { 
INTEGER 
48 24 DE 8B 85 F2 16 AF EC 82 61 A9 
54 DO 2D 04 Al CC 5A 4F 
INTEGER 
17 ED D5 77 02 EE 75 13 D8 10 BD 3D 
97 17 20 88 BB FD 7B 81 


} 
} 
SEQUENCE ( 
INTEGER 1 
SEQUENCE ( 
SEQUENCE { 
SET { 
SEQUENCE { 
OBJECT IDENTIFIER 
commonName (2 5 4 3) 
(X.520 id-at (2 5 4)) 
PrintableString 'CarlDSS' 
) 
} 


} 
INTEGER 210 
} 
SEQUENCE { 
OBJECT IDENTIFIER shal (1 3 14 3 2 26) 
(OIW) 
} 
SEQUENCE { 
OBJECT IDENTIFIER 
dsaWithShal (1 2 840 10040 4 3) 
(ANSI X9.57 algorithm) 
} 
OCTET STRING, encapsulates { 
SEQUENCE { 
INTEGER 
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1445 02 
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15 FF 81 4D 8C AD 80 4E 9B 35 58 04 
37 6E 63 6E E9 5B 83 FA 

INTEGER 
06 7E 58 4E 2B 31 84 41 ED 49 79 38 
3E 77 D2 A6 8C 75 08 21 


4.7. Signing Using SKI 


Same as 4.1, 
issuer/serial number in the cert. A SignedData with no attribute 


but the signature uses the SKI instead of the 


certificates, signed by Alice using DSS, just her certificate (not 
Carl's root cert), identified by the SKI, no CRL. The message is 
ExContent, and is included in the eContent. There are no signed or 


unsigned attributes. 


0 30 
4 06 


15 AO 
19 30 
23 02 
26 31 
28 30 
30 06 


37 30 
39 06 


50 AO 
52 04 


82 AO 
86 30 
90 30 
94 AO 
96 02 


99 02 


Hoffman, Ed. 


93:5: 


SEQUENCE { 
OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2) 


(PKCS #7) 


{ 


SEQUENCE { 


INTEGER 3 
SET { 
SEQUENCE { 
OBJECT IDENTIFIER shal (1 3 14 3 2 26) 
(OIW) 


} 
} 
SEQUENCE { 
OBJECT IDENTIFIER data (1 2 840 113549 1 7 1) 
(PKCS #7) 
[01 { 
OCTET STRING 'This is some sample content.’ 
} 
} 
[01 { 
SEQUENCE { 
SEQUENCE { 
[01 { 
INTEGER 2 
} 
INTEGER 200 
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103 30 9: SEQUENCE { 
105 06 7: OBJECT IDENTIFIER 
: dsaWithShal (1 2 840 10040 4 3) 
(ANSI X9.57 algorithm) 


: ) 
114 30 18: SEQUENCE ( 


116 31 16: SET ( 
118 30 14: SEQUENCE ( 


120 06 33 OBJECT IDENTIFIER 
E commonName (2 5 4 3) 
(X.520 id-at (2 5 4)) 


125 13 Ts PrintableString 'CarlDSS' 
: } 
} 
: } 
134 30 30: SEQUENCE { 
136 17 133 UTCTime '9908170110492"' 
151 17 135 UTCTime '391231235959Z' 
: } 
166 30 19: SEQUENCE { 
168 31 is SET { 
170 30 To: SEQUENCE { 


172 06 33 OBJECT IDENTIFIER 
: commonName (2 5 4 3) 
(X.520 id-at (2 5 4)) 


177 13 8: PrintableString ’AliceDSS’ 
: } 
} 
: } 
187 30 438: SEQUENCE { 
191 30 299: SEQUENCE { 


195 06 TA OBJECT IDENTIFIER 
E dsa (12 840 10040 4 1) 
: (ANSI X9.57 algorithm) 
204 30 286: SEQUENCE { 
208 02 129: INTEGER 
y 00 81 8D CD ED 83 EA 0A 9E 39 3E C2 
48 28 A3 E4 47 93 DD OE D7 A8 OE EC 
53 C5 AB 84 08 4F FF 94 El 73 48 7E 
OC D6 F3 44 48 D1 FE 9F AF A4 Al 89 
2F El D9 30 C8 36 DE 3F 9B BF B7 4C 
DC 5F 69 8A E4 75 DO 37 OC 91 08 95 
9B DE A7 5E F9 FC F4 9F 2F DD 43 A8 
8B 54 F1 3F BO 07 08 47 4D 5D 88 C3 
C3 B5 B3 E3 55 08 75 D5 39 76 10 C4 
78 BD FF 9D BO 84 97 37 F2 E4 51 1B 
E B5 E4 09 96 5C F3 7E 5B DB 
340 02 21: INTEGER 
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363 02 128: 
494 03 132: 
498 02 128: 
629 "A3. 129 
632 30 127: 
634 30 12* 
636 06 3t 
641 01 1 
644 04 2: 
646 30 0: 
648 30 14: 
650 06 3% 
655 01 de 
658 04 4: 

Hoffman, Ed. 
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00 E2 47 A6 1A 45 
B8 37 21 2B 62 8B 
INTEGER 

26 38 DO 14 89 32 
4B 59 6A 4C 76 23 
CB 1A 30 C3 1E 50 
AA 05 3D 58 CO 7B 
7D 8A 42 25 A7 F4 
3E 90 F8 6D EA 9C 
E9 CE 2E 5D A3 07 
01 7C 6D 49 89 11 
95 4A 53 56 B5 E2 
1F 11 7F C2 BD ED 
D1 81 4A 60 39 BA 
) 


BIT STRING 0 unused bits, 


INTEGER 

5C E3 B9 5A 75 14 
3F A9 EC AC 5E DC 
16 89 28 11 23 D9 
12 3D 43 5B 6F E5 
1B 3E 24 7D 3D 07 
A5 AO 4A E3 85 D6 
7E 1A F2 24 AB 53 
08 BF 66 14 80 5C 
F1 BB 34 D4 D2 96 
32 84 FO 7E 41 40 
F2 A5 E2 F4 F2 83 


} 
ESA 
SEQUENCE ( 
SEQUENCE ( 
OBJECT IDENTIFIER 
basicConstraints 


(X.509 id-ce (2 5 29)) 


BOOLEAN TRUE 


96 
BD 
34 
51 
8D 
CE 
1A 
62 
37 
FD 
E5 


B8 
93 


39 
04 
DD 
36 
CF 
21 
23 
36 
73 
50 
39 


13 
CD 


FB 
02 
9B 
B8 
4A 
8A 
85 
44 
EC 
FF 


July 


C6 DA 


3E 
35 
59 
6E 
08 
3B 
B8 
BD 
1A 
98 


6D 
5C 
E2 
07 
5E 
76 
2F 
F8 
61 
74 


2005 


8F 


D9 
F2 
CD 
AF 
4B 
14 
30 
C8 
36 
C2 


encapsulates { 


OB 
B7 
86 
BF 
5B 
06 
B8 
AC 
F6 
46 
B8 


AQ 
13 
67 
FA 
63 
80 
27 
65 
61 
A7 


(2 5 29 


7A 
11 
79 
89 
C8 
SE, 
OD 
FA 
47 
63 


19) 


OCTET STRING, encapsulates { 


SEQUENCE { } 
} 
} 
SEQUENCE { 
OBJECT IDENTIFIER 


keyUsage (2 5 29 15) 


(X.509 id-ce (2 5 29)) 


BOOLEAN TRUE 


OCTET STRING, encapsulates { 


Informational 


DD 
34 
75 
F2 
BB 
E8 
1E 
15 
B2 
4E 


E3 
A6 
13 
A2 
45 
23 
EF 
8B 
C4 
33 


[Page 85] 


RFC 4134 


660 


664 
666 


671 
673 
675 


697 
699 


704 
706 


728 
730 


735 
131 
739 


761 


763 


772 
775 
177 


Hoffman, 


03 


30 
06 


04 
30 
80 


30 
06 


04 
04 


30 
06 


04 
30 
81 


30 


06 


03 
30 
02 
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22: 
20: 


22: 
20: 


22: 
20: 


45: 
20: 


} 
} 
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BIT STRING 6 unused bits 
'11'B 
} 
} 
SEQUENCE { 

OBJECT IDENTIFIER 
authorityKeyIdentifier (2 5 29 35) 
(X.509 id-ce (2 5 29)) 

OCTET STRING, encapsulates ( 

SEQUENCE { 
[0] 
70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 
3D 20 BC 43 2B 93 Fl 1F 
) 


} 
} 
SEQUENCE { 

OBJECT IDENTIFIER 
subjectKeyIdentifier (2 5 29 14) 
(X.509 id-ce (2 5 29)) 

OCTET STRING, encapsulates ( 

OCTET STRING 
BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE 
13 01 E2 FD E3 97 FE CD 

) 


) 
SEQUENCE { 

OBJECT IDENTIFIER 
subjectAltName (2 5 29 17) 
(X.509 id-ce (2 5 29)) 

OCTET STRING, encapsulates ( 

SEQUENCE ( 
[1] ’AliceDSS@example.com’ 
) 


SEQUENCE ( 
OBJECT IDENTIFIER 


dsaWithShal (1 2 840 10040 4 3) 
(ANSI X9.57 algorithm) 


} 


BIT STRING 0 unused bits, encapsulates { 
SEQUENCE { 


INTEGER 
55 0C A4 19 1F 42 2B 89 71 22 33 8D 
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: 83 6A B5 3D 67 6B BF 45 
799 02 241: INTEGER 
E 00 9F 61 53 52 54 OB 5C B2 DD DA E7 
76 1D E2 10 52 5B 43 5E BD 


) 
; } 
822 31 95: SET { 


824 30 93% SEQUENCE ( 

826 02 1: INTEGER 3 

829 80 20: [0] 
: BE 6C Al B3 E3 Cl F7 ED 43 70 A4 CE 
i 13 01 E2 FD E3 97 FE CD 

851 30 7: SEQUENCE ( 

853 06 S OBJECT IDENTIFIER shal (13 14 3 2 26) 
: (OIW) 
: ) 

860 30 9$ SEQUENCE ( 

862 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1) 
: (ANSI X9.57 algorithm) 
: ) 

871 04 46: OCTET STRING, encapsulates ( 

873 30 44: SEQUENCE ( 


875 02 20: INTEGER 
: 6D 8E 5A CD 28 AO 1F D9 86 AD 7A E9 
: DF AC D7 BE EC BE 3F F8 
897 02 20: INTEGER 
: 7C 8A 06 1E FC A4 41 35 7E F7 24 14 
FD 3D CO 56 B7 05 27 D5 


4.8. S/MIME multipart/signed Message 


A full S/MIME message, including MIME, that includes the body part 
from 4.3 and the body containing the content of the message. 


MIME-Version: 1.0 

To: User2@examples.com 

From: aliceDss@examples.com 

Subject: Example 4.8 

Message-Id: <020906002550300.249@examples.com> 
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Date: Fri, 06 Sep 2002 00:25:21 -0300 

Content-Type: multipart/signed; 
micalg-SHA1; 
boundary="----=_NextBoundry Fri,_06_Sep_2002_00:25:21"; 
protocol-"application/pkcs7-signature" 


This is a multi-part message in MIME format. 


noc =_NextBoundry Fri,_06_Sep_2002_00:25:21 


This is some sample content. 

TELE =_NextBoundry Fri,_06_Sep_2002_00:25:21 
Content-Type: application/pkcs7-signature; name-smime.p7s 
Content-Transfer-Encoding: base64 

Content-Disposition: attachment; filename-smime.p7s 


MIIDdwYJKoZIhvcNAQcCOIIDaDCCA2QCAQExCTAHBgUrDgMCGjALBgkqhkiG9wOBBwGgggL 
gMIIC3DCCApugAwIBAgICAMgwCQYHKOoZIzjgEAzASMRAwDgYDVQODEwdDYXJSRFNTMBAXDT 
k5MDgxNzAxMTAOOVOXDTM5MTIZzMTIzNTk1OVowEZzERMA8GAlUEAxMIQOWxpY2VEU1MwggG2M 
IIBKwYHKOoZIzjgEATCCARACgYEAgY3N7YPqCp45PSJIKKPkR5PdDteoDuxTxauECE//lOFz 
SH4M1vNESNE+n6+koYkv4dkwyDbeP5u/t0zcX2mK5HXONwyRCJWb3qde+fzOny/dO6iLVPE 
/sACTRO1diMPDtbP3VOh11T12EMR4vf+dsISXN/LkURul5AmWXPN+W9sCFODiR6YaRWa4E8 
baj7g3IStii/eTzQKBgCY40BSJMqo5-*z5t2UtZakx2IzkEAjVc8ssaMMMeUF3dmlnizaoFP 
VjAe6T2uG4Hr32K0iWn 9HXPSgheSz60+G3qnMkhi jt 2FOnOL12 jB80 jhbgvMAF 8bUmJEYk2 
RL34yJVKUlal4v1z7BphNh8R£8K97dF0/5h0wtGBSmA5ujY5A4GEAAKBgFz3juVp1FJYLgXr 
d4z+p7Kxe3L23ExE0phaJKBE3J2TSGZ3V1ExI901tv5VG/+onyohs+JH09B41bY8i7RaWgSu 
OF1s4GgD/oI34a8iSrUxq4Jw0e7wi/ZhSAXGKsZfoVi/G7NNTS1jf2YUeyxDKE8H5BQP1Gp 
2NOM/Kl4vTyg*W404GBMH8WDAYDVROTAOH/BAIWADAOBgNVHQ8BAf8EBAMCBsAwHwYDVRO j 
BBgwFoAUCEQ-t*gib5vh95K03XjPSC8QyuT8R8wHOYDVROOBBYEFL5SsObDPjwfftO3CkzhMB4v3 
j1/7NMB8GA1UdEQQYMBaBFEF saWN1RFNTOGV4YW1wbGUuY2 9tMAkGByqGSM4 4BAMDMAAwLQ 
IUVQOykGR9CKA41xIjONg2q1PWdrvOUCFQCfYVNSVAtcst3a5b3Yd4hBSWONevTFjMGECAQEwG 
DASMRAwDgYDVQODEwdDYXJsRFNTAgIAyDAHBgUrDgMCGjAJBgcqhk jOOAQDBCA4AwLAIUM/mG 
f6gkgp9ZOXtRdGimJeB/BxUCFGFFJqwYRtlWYclOQoGiaowqGzVI 


eme =_NextBoundry Fri, 06 Sep 2002 00:25:21-- 


4.9. S/MIME application/pkcs7-mime Signed Message 
A full S/MIME message, including the MIME parts. 


MIME-Version: 1.0 

To: User2@examples.com 

From: aliceDss@examples.com 

Subject: Example 4.9 

Message-Id: <021031164540300.304@examples.com> 

Date: Thu, 31 Oct 2002 16:45:14 -0300 

Content-Type: application/pkcs7-mime; smime-type-signed-data; 
name=smime.p7m 
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Content-Transfer-Encoding: base64 
Content-Disposition: attachment; filename=smime.p7m 


MIIDmQYJKoZIhvcNAQCCOIIDijCCAA4YCAQExCTAHBgUrDgMCGjAtBgkqhkiG9wOBBwGgIAQ 
eDOpUaGlzIGlzIHNvbWUgc2FtcGxlIGNvbnRlbnQuoIICA4DCCAtwwggKboAMCAQICAgDIMA 
kGByqGSM4 4BAMwE jEQMA4GA1UEAxMHO2F ybERTUzAeFw050TA4MTcwMTEWNDlaFw0zOTEyM 
ZEyMzU5NTlaMBMxETAPBgNVBAMTCEFSaWNIRFNTMIIBt JCCASSGByqGSM4 4BAEwggEeAoGB 
AIGNze2D6gqeOT7CSCi j 5HeT307XqA7sU8WrhAhP /5ThcO0h+DNbzREJR/p+vpKGJL+HZMMg 
23j*bv7dM3F9piuR10DcMkQiVm96nXvn89J8v3UOoilTxP7AHCEdNXYjDw7Wz4lUIddU5dh 
DEeL3/nbCElzfy5FEbteQJllzzflvbAhUA4kemGkVmuBPG20-*4NyErYov3k80CgYAmONAUi 
TKqOfs*bdlLWWpMdiM5BAIl1XPLLGjDDHIBd3ZtZ4s2qBTlYwHuiNrhuB699ikIlp/R1zOoI 
XkstkPht6pzJIYo7dhTpzi5dowfNIAWALzABfGIJiRGJNkS94*MiVSINWteL5ctwaYTYfEX/ 
Cve3RUP-YdMLRgUpgObo20QOBhAACgYBcA71adRSWC6163eM/qgeysXty9txMRNKYWiSgRI9 
kOhmdl1dRMSPUNbb-VRv/qJ8qIbPiR9PQeNW2PIuOWloErjhdbOBoA/6CN-*GvIkqlMauCcNH 
u8Iv2YUgFxirGX6FYvxuzTUOpY39mFHssQyhPB-*QUD9RqdjTjPypeL080PluKOBgTB/MAwG 
AIUdEwEB/wQCMAAwDgYDVROPAQH/BAQDAgbAMB8GA1UdIWwWQYMBaAFHBEPOoIub4feStN14zO 
gVEMrk/EfMBOGA1LUGDgQWBBS+bKGz 4 8H3 7UNwpM4 TAeL945f+zTAfBGgNVHREEGDAWGRRBbG 
1jZURTUOBleGFtcGx1lLmNvbTAJBgcghk jOOAQDAZAAMCOCFFUMpBkfQiuJdJcSIzjYNqtTina 
7 9FANHUAnN2FTULOLXLLd2ud2HeIQU1tDXr0OxY zBhAgEBMBgwE jEQMA4GA1UEAxMHO2FybERT 
UwICAMgwBwYFKwADAhowCQYHKoZIzjgEAwQuMCwCFD1cSW6LIUFzeXle3YI5SKSBer/sAhQ 
mCq7s/CTFHOEjgASeUjbMpx5g6A-- 


4.10. SignedData with Attributes 
A SignedData message with the following list of signedAttributes: 


-unknown OID 

-contentHints 
-smimeCapablilties 
-securityLabel 
-ContentReference 
-smimeEncryptKeyPreference 
-mlExpansionHistory 
-EquivalentLabel 


0 30 2047: SEQUENCE ( 


4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2) 
(PKCS 47) 
15 AO 2032: [0] { 
19 30 2028: SEQUENCE ( 
23 02 1: INTEGER 1 
26 31 9: SET ( 
28 30 7: SEQUENCE ( 
30 06 5: OBJECT IDENTIFIER shal (1 3 14 3 2 26) 
(OIW) 
) 
B } 
37 30 43: SEQUENCE { 
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39 06 9 OBJECT IDENTIFIER data (1 2 840 113549 1 7 1) 
: (PKCS #7) 

50 AO 30: [0] ( 

52 04 28: OCTET STRING 'This is some sample content.” 
: ) 
: } 

82 AO 736: [01 { 

86 30 732: SEQUENCE { 

90 30 667: SEQUENCE ( 

94 AO Si [0] 4 

96 02 15 INTEGER 2 
: } 

99 02 21 INTEGER 200 

103 30 9% SEQUENCE { 


105 06 7: OBJECT IDENTIFIER 
$ dsaWithShal (1 2 840 10040 4 3) 
(ANSI X9.57 algorithm) 
A ) 
114 30 18: SEQUENCE ( 


116 31 16: SET ( 
118 30 14: SEQUENCE ( 


120 06 3c OBJECT IDENTIFIER 
$ commonName (2 5 4 3) 
(X.520 id-at (2 5 4)) 


125-13 TS PrintableString 'CarlDSS' 
: } 
} 
: } 
134 30 30€ SEQUENCE ( 
136 17 13:3 UTCTime ’9908170110492’ 
151 17 LS: UTCTime '391231235959Z' 
: } 
166 30 19: SEQUENCE { 
168 31 E73 SET { 
170 30 15: SEQUENCE ( 


172 06 3* OBJECT IDENTIFIER 
¿ commonName (2 5 4 3) 
(X.520 id-at (2 5 4)) 


177 13 8: PrintableString ’AliceDSS’ 
: ) 
) 
: } 
187 30 438: SEQUENCE { 
191 30 299: SEQUENCE { 


195 06 T3 OBJECT IDENTIFIER 
: dsa (12 840 10040 4 1) 
E (ANSI X9.57 algorithm) 
204 30 286: SEQUENCE ( 
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208 02 129: INTEGER 
$ 00 81 8D CD ED 83 EA OA 9E 39 3E C2 
48 28 A3 E4 47 93 DD OE D7 A8 OE EC 
53 C5 AB 84 08 4F FF 94 El 73 48 7E 
OC D6 F3 44 48 D1 FE 9F AF AZ Al 89 
2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C 
DC 5F 69 8A E4 75 DO 37 OC 91 08 95 
9B DE A7 5E F9 FC F4 9F 2F DD 43 A8 
8B 54 F1 3F BO 07 08 47 4D 5D 88 C3 
C3 B5 B3 E3 55 08 75 D5 39 76 10 C4 
78 BD FF 9D B0 84 97 37 F2 E4 51 1B 
H B5 E4 09 96 5C F3 7E 5B DB 
340 02 21: INTEGER 
; 00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F 
B8 37 21 2B 62 8B F7 93 CD 
INTEGER 
26 38 D0 14 89 32 AA 39 FB 3E 6D D9 
4 
C 


363 02 128: 


B 59 6A 4C 76 23 39 04 02 35 5C F2 
B 1A 30 C3 1E 50 5D DD 9B 59 E2 CD 
AA 05 3D 58 CO 7B A2 36 B8 6E 07 AF 
7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B 
3E 90 F8 6D EA 9C C9 21 8A 3B 76 14 
E9 CE 2E 5D A3 07 CD 23 85 B8 2F 30 
01 7C 6D 49 89 11 89 36 44 BD F8 C8 
95 4A 53 56 B5 E2 F9 73 EC 1A 61 36 
1F 11 7F C2 BD ED D1 50 FF 98 74 C2 
D1 81 4A 60 39 BA 36 39 


494 03 132: BIT STRING 0 unused bits, encapsulates ( 
498 02 128: INTEGER 
: 5C E3 B9 5A 75 14 96 OB A9 7A DD E3 
3F A9 EC AC 5E DC BD B7 13 11 34 A6 
16 89 28 11 23 D9 34 86 67 75 75 13 
12 3D 43 5B 6F E5 51 BF FA 89 F2 A2 
1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45 
A5 AO 4A E3 85 D6 CE 06 80 3F E8 23 
7E 1A F2 24 AB 53 1A B8 27 OD 1E EF 
08 BF 66 14 80 5C 62 AC 65 FA 15 8B 
F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4 
32 84 FO 7E 41 40 FD 46 A7 63 4E 33 
F2 A5 E2 F4 F2 83 E5 B8 
) 
: } 
629 A3 129: [3] { 
632 30 127: SEQUENCE ( 
634 30 12: SEQUENCE ( 
636 06 3: OBJECT IDENTIFIER 
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basicConstraints (2 5 29 19) 
(X.509 id-ce (2 5 29)) 


E 


641 01 BOOLEAN TRUE 
644 04 2: OCTET STRING, encapsulates ( 
646 30 0: SEQUENCE () 
: } 
: } 
648 30 14: SEQUENCE { 
650 06 Ss OBJECT IDENTIFIER 
: keyUsage (2 5 29 15) 
: (X.509 id-ce (2 5 29)) 
655 01 1% BOOLEAN TRUE 
658 04 4: OCTET STRING, encapsulates { 
660 03 Die BIT STRING 6 unused bits 
. ^114B 
} 
: } 
664 30 31% SEQUENCE ( 
666 06 3: OBJECT IDENTIFIER 
: authorityKeyIdentifier (2 5 29 35) 
3 (X.509 id-ce (2 5 29)) 
671 04 24: OCTET STRING, encapsulates { 
673 30 22: SEQUENCE { 
675 80 20: [0] 
: 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 
3D 20 BC 43 2B 93 F1 1F 
} 
} 
d ) 
697 30 29: SEQUENCE ( 
699 06 Ss OBJECT IDENTIFIER 
: subjectKeyIdentifier (2 5 29 14) 
H (X.509 id-ce (2 5 29)) 
704 04 22: OCTET STRING, encapsulates ( 
706 04 20: OCTET STRING 
i BE 6C Al B3 E3 Cl F7 ED 43 70 A4 CE 
13 01 E2 FD E3 97 FE CD 
} 
: ) 
728 30 que SEQUENCE ( 
730 06 3 OBJECT IDENTIFIER 
: subjectAltName (2 5 29 17) 
: (X.509 id-ce (2 5 29)) 
735 04 24: OCTET STRING, encapsulates ( 
737 30 22: SEQUENCE ( 


739 81 20: [1] ’AliceDSS@example.com’ 
: ) 
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) 
: } 
761 30 9: SEQUENCE { 
763 06 7: OBJECT IDENTIFIER 
: dsaWithShal (1 2 840 10040 4 3) 
(ANSI X9.57 algorithm) 
: } 
772 03 48: BIT STRING 0 unused bits, encapsulates { 


515: 30 45: SEQUENCE ( 


777 02 20% INTEGER 
: 55 0C A4 19 1F 42 2B 89 71 22 33 8D 
; 83 6A B5 3D 67 6B BF 45 
799 02 21% INTEGER 
E 00 9F 61 53 52 54 OB 5C B2 DD DA E7 
76 1D E2 10 52 5B 43 5E BD 


) 
: } 
822 31 1225: SET { 


826 30 1221: SEQUENCE { 
830 02 I: INTEGER 1 
833 30 24: SEQUENCE ( 
835 30 18: SEQUENCE ( 
837 31 T65 SET { 
839 30 14: SEQUENCE { 
841 06 333 OBJECT IDENTIFIER 
: commonName (2 5 4 3) 
: (X.520 id-at (2 5 4)) 
846 13 Jue PrintableString 'CarlDSS' 
: ) 
) 
: } 
855 02 2 INTEGER 200 
: } 
859 30 es SEQUENCE { 
861 06 5:3 OBJECT IDENTIFIER shal (13 14 3 2 26) 
: (OIW) 
: } 
868 AO 1119: [0] ( 
872 30 24: SEQUENCE ( 
874 06 gis OBJECT IDENTIFIER 
: contentType (12 840 113549 1 9 3) 
: (PKCS #9 (1 2 840 113549 1 9)) 
885 31 Ti% SET { 
887 06 9: OBJECT IDENTIFIER 
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898 
900 


911 
913 


935 
937 
942 
944 


993 
995 


1008 
1010 
1012 


1046 


1057 
1059 


1070 
1072 
1074 
1076 


Hoffman, 


30 
06 


31 
04 


30 
06 
31 
04 


30 
06 


31 
30 
OC 


06 


30 
06 


31 
30 
30 
06 


22: 
20: 


49: 
47: 


62: 
11: 


45: 
32: 


61: 
59: 


Examples of S/MIME Messages 


data (1 2 840 113549 1 7 1) 
(PKCS #7) 
} 
} 
SEQUENCE { 
OBJECT IDENTIFIER 
messageDigest (1 2 840 113549 1 9 4) 
(PKCS #9 (1 2 840 113549 1 9)) 
SET { 
OCTET STRING 
40 6A EC 08 52 79 BA 6E 16 02 2D 9E 
06 29 CO 22 96 87 DD 48 
) 


) 
SEQUENCE ( 
OBJECT IDENTIFIER '1 2 5555’ 
SET ( 
OCTET STRING 


“This is a test General ASN Attribut’ 


"e, number 1.’ 
} 
} 
SEQUENCE { 
OBJECT IDENTIFIER 
id-aa-contentHint 
(1 2 840 113549 1 9 16 2 4) 
(S/MIME Authenticated Attributes 
(1 2 840 113549 1 9 16 2)) 


SET ( 
SEQUENCE ( 
UTF8String 
"Content Hints Description Buffer’ 
OBJECT IDENTIFIER 
data (12 840 113549 1 7 1) 
(PKCS #7) 


} 
} 
SEQUENCE { 
OBJECT IDENTIFIER 
sMIMECapabilities 
(1 2 840 113549 1 9 15) 
(PKCS +9 
(1 2 840 113549 1 9)) 


SET ( 
SEQUENCE { 
SEQUENCE { 
OBJECT IDENTIFIER '1 2 3 4 5 6’ 
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: } 
1083 30 48: SEQUENCE { 


1085 06 6: OBJECT IDENTIFIER '1 2 3 4 5 6 77’ 
1093 04 38: OCTET STRING 
: 'Smime Capabilities parameters buffe’ 
4 Qt 
} 
} 
} 
: } 
1133 30 109: SEQUENCE { 


1135 06 115 OBJECT IDENTIFIER 
: id-aa-securityLabel 
(12 840113549 19 16 2 2) 
(S/MIME Authenticated Attributes 
: (12 840 113549 1 9 16 2)) 
1148 31 94: SET ( 


1150: 31 92: SET ( 
1152 02 Ts INTEGER 1 
1155 06 KE OBJECT IDENTIFIER '12 345 6 7 8' 
1164 13 2 PrintableString 

: "THIS IS A PRIVACY MARK TEST’ 
1193 31 49: SET ( 
1195 30 47: SEQUENCE ( 
1197 80 8: [0] 

3 2A 03 04 05 06 07 86 78 
1207 Al 35: [1] ( 
1209 13 33: PrintableString 

: "THIS IS A TEST SECURITY-’ 

' CATEGORY." 
} 
} 
} 
} 
} 

: } 

1244 30 111: SEQUENCE { 


1246 06 11: OBJECT IDENTIFIER 
¿ id-aa-contentReference 
(1 2 840 113549 1 9 16 2 10) 
(S/MIME Authenticated Attributes 
: (12 840 113549 1 9 16 2)) 
1259 31 96: SET ( 


1261 30 94: SEQUENCE { 
1263 06 5: OBJECT IDENTIFIER '1 2 3 4 5 6’ 


1270 04 43: OCTET STRING 
: 'Content Reference Content Identifie’ 
'r Buffer' 
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1315 04 40: OCTET STRING 
4 ‘Content Reference Signature Value B’ 
'uffer' 
) 
} 
: ) 
13574 30: Liss SEQUENCE ( 


1359 06 ld OBJECT IDENTIFIER 
E id-aa-encrypKeyPref 
(1 2 840 113549 1 9 16 2 11) 
(S/MIME Authenticated Attributes 
i (12 840 113549 1 9 16 2)) 
1372 31 100: SET { 


1374 AO 98: [0] ( 
1376 30 90: SEQUENCE ( 
1378 31 11: SET { 
1380 30 9: SEQUENCE ( 
1382 06 3 OBJECT IDENTIFIER 
: countryName (25 4 6) 
: (X.520 id-at (2 5 4)) 
1387 13 2: PrintableString 'US' 
: ) 
E ) 
1391 31 22% SET { 
1393 30 20: SEQUENCE { 
1395 06 33 OBJECT IDENTIFIER 
E organizationName (2 5 4 10) 
: (X.520 id-at (2 5 4)) 
1400 13 T3: PrintableString 'US Government” 
: } 
: } 
1415 31 ops SET { 
1417 30 15: SEQUENCE ( 
1419 06 3e OBJECT IDENTIFIER 
: organizationalUnitName 
(2 5 4 11) 
: (X.520 id-at (2 5 4)) 
1424 13 8: PrintableString 'VDA Site” 
: } 
: } 
1434 31 12: SET { 
1436 30 10: SEQUENCE { 
1438 06 3: OBJECT IDENTIFIER 
: organizationalUnitName 
(2 5 4 11) 
H (X.520 id-at (2 5 4)) 
1443 13 3s PrintableString 'VDA' 


} 
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E } 
1448 31 1:8: SET { 


1450 30 1:6: SEQUENCE { 


1452 06 3: OBJECT IDENTIFIER 
: commonName (2 5 4 3) 
(X.520 id-at (2 5 4)) 


1457-3 Os PrintableString 'Daisy RSA’ 
: } 
} 
; } 
1468 02 4: INTEGER 173360179 
: } 
} 
: } 
1474 30 252: SEQUENCE { 


1477 06 11: OBJECT IDENTIFIER 
: id-aa-mlExpandHistory 
(1 2 840 113549 1 9 16 2 3) 
(S/MIME Authenticated Attributes 
: (12 840 113549 1 9 16 2)) 
1490 31 236: SET ( 


149330. 3233: SEQUENCE ( 
1496 30 230: SEQUENCE { 
1499 04 Ts OCTET STRING '5738299' 
1508 18 T5: GeneralizedTime '199903111044332Z' 
1525 Al 201: [1] 4 
1528 30 198: SEQUENCE ( 
1531 A4 97: [4] ( 
1533 30 95i SEQUENCE ( 
1535 31 115 SET { 
1537-30 9: SEQUENCE ( 
1539 06 3: OBJECT IDENTIFIER 
: countryName (25 4 6) 
: (X.520 id-at (2 5 4)) 
1544 13 2: PrintableString 'US' 
: ) 
í } 
1548 31 22: SET { 
1550 30 20: SEQUENCE { 
1552 06 3% OBJECT IDENTIFIER 
: organizationName 
(2 5 4 10) 
3 (X.520 id-at (2 5 4)) 
1554-3 13: PrintableString 
E "US Government” 
) 
; } 
1572 31 TY SET ( 
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1574 30 15: 
1576 06 33 


1581 13 8: 


1591 31 12: 
1593 30 10: 
1595 06 3% 


1600 13 3% 


1605 31 23: 
1607 30 21: 
1609 06 3: 


1614 13 14: 


1630 A4 9s 
1632 30 95: 
1634 31 11: 
1636 30 9: 
1638 06 3: 


1643 13 2: 


1647 31 22: 
1649 30 20: 
1651 06 9 


1656 13 Si 
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SEQUENCE ( 

OBJECT IDENTIFIER 

organizationalUnitName 
(2 5 4 11) 

(X.520 id-at (2 5 4)) 

PrintableString 

'VDA Site’ 

) 


) 
SET ( 
SEQUENCE ( 
OBJECT IDENTIFIER 
organizationalUnitName 
(25414 11) 
(X.520 id-at (2 5 4)) 
PrintableString 'VDA' 
} 


} 
SET { 
SEQUENCE { 

OBJECT IDENTIFIER 
commonName (2 5 4 3) 
(X.520 id-at (2 5 4)) 

PrintableString 

"Bugs Bunny DSA’ 

} 


} 
} 
[41 4 
SEQUENCE { 
SET { 
SEQUENCE { 
OBJECT IDENTIFIER 
countryName (2 5 4 6) 
(X.520 id-at (2 5 4)) 
PrintableString 'US' 
} 


} 
SET { 
SEQUENCE { 
OBJECT IDENTIFIER 
organizationName 
(2 5 4 10) 
(X.520 id-at (2 5 4)) 
PrintableString 
‘US Government’ 


} 
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1671 31 
1673 30 
1675 06 


1680 13 


1690 31 
1692 30 
1694 06 


1699 13 


1704 31 
1706 30 
1708 06 


liis 13 


1729 30 
1733 06 


1746 31 
1749 30 
1:52.31 
1754 02 
1757 06 


Hoffman, 


L7: 
15* 


T2: 
10: 


14: 


258: 
Tilt 


Ed. 
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) 
SET ( 
SEQUENCE ( 
OBJECT IDENTIFIER 
organizationalUnitName 
(2 5 4 11) 
(X.520 id-at (2 5 4)) 
PrintableString 
'VDA Site’ 
} 


) 
SET ( 
SEQUENCE ( 
OBJECT IDENTIFIER 
organizationalUnitName 
(25414 11) 
(X.520 id-at (2 5 4)) 
PrintableString 'VDA' 
} 


} 
SET { 
SEQUENCE { 

OBJECT IDENTIFIER 
commonName (2 5 4 3) 
(X.520 id-at (2 5 4)) 

PrintableString 

‘Elmer Fudd DSA’ 


SEQUENCE { 
OBJECT IDENTIFIER 
id-aa-equivalentLabels 
(1 2 840 113549 1 9 16 2 9) 
(S/MIME Authenticated Attributes 
(1 2 840 113549 1 9 16 2)) 


SET ( 
SEQUENCE ( 
SET ( 
INTEGER 1 
OBJECT IDENTIFIER '12 34.5 6 7 9' 
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1766 13 38: PrintableString 
: "EQUIVALENT THIS IS A PRIVACY MARK T' 
: ‘EST’ 

1806 31 60: SET { 

1808 30 58: SEQUENCE { 

1810 80 Be [0] 
: 2A 03 04 05 06 07 86 78 

1820 A1 46: Eds =f 


1822 13 44: PrintableString 

: "EQUIVALENT THIS IS A TEST SECURITY-' 

' CATEGORY." 
) 
) 
) 

: ) 

1868 31 121: SET ( 


1870 02 is INTEGER 1 

1873 06 rs OBJECT IDENTIFIER 
E t3 2-335405 6-7 Or 

1882 13 45: PrintableString 


'EQUIVALENT THIS IS A SECOND PRIVACY' 
$ / MARK TEST” 
1929 31 60: SET ( 


1931 30 58: SEQUENCE { 
1933 80 8: [0] 

: 2A 03 04 05 06 07 86 78 
1943 A1 46: [1] ( 


1945 13 44: PrintableString 
: "EQUIVALENT THIS IS A TEST SECURITY-' 
' CATEGORY." 


1991 30 9: SEQUENCE ( 
1993 06 as OBJECT IDENTIFIER 
: dsaWithShal (1 2 840 10040 4 3) 
(ANSI X9.57 algorithm) 
: ) 
2002 04 47: OCTET STRING, encapsulates ( 


2004 30 45: SEQUENCE ( 


2006 02 21: INTEGER 
E 00 BC 33 37 65 C4 F7 70 5C 17 49 13 
AA 4C 85 CA BB 52 91 48 59 
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2029 


4.11. 


CA SignedData message with no content or signature, 


02 


20: 


INTEGER 


Examples of S/MIME Messages 
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63 96 A2 14 8B CF 57 DE BO 48 5F 6C 
64 DD 84 04 49 5F 1C CA 


SignedData with Certificates Only 


Alices's and Carl's certificates. 


0 30 1672: 
4 06 
15 AO 1657 
19 30 1653 
23 02 
26 31 
28 30 11 
30 06 
41 AO 1407 
45 30 667 
49 30 602 
53 AO 
55:02 
58 02 
61 30 
63 06 
72 30 18: 
74 31 16: 
76 30 14: 
78 06 
83 13 
Hoffman, Ed. 


SEQUENCE ( 


OBJECT IDENTIFIER signedData 


(PKCS #7) 
[01 4 
SEQUENCE ( 
INTEGER 1 
SET {} 
SEQUENCE { 


OBJECT IDENTIFIER data 


(PKCS #7) 
} 
[01 { 
SEQUENCE { 
SEQUENCE { 
[01 4 
INTEGER 2 
) 
INTEGER 1 
SEQUENCE ( 


OBJECT IDENTIFIER 


dsaWithShal 


containing only 


(1 2 840 113549 1 7 2) 


(1 2 840 113549 1 7 1) 


(1 2 840 10040 4 3) 


(ANSI X9.57 algorithm) 


} 
SEQUENCE { 
SET { 
SEQUENCE { 


OBJECT IDENTIFIER 


commonName 
(X.520 id-at 


(2-5 4 3) 
(2 5 4)) 


PrintableString 'CarlDSS' 


} 
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E ) 
92 30 30: SEQUENCE { 


94 17 T3 UTCTime '9908162250502' 

109 17 13: UTCTime '3912312359592' 
E ) 

124 30 18: SEQUENCE ( 

126 31 16: SET { 

128 30 14: SEQUENCE ( 


130 06 3s OBJECT IDENTIFIER 
$ commonName (2 5 4 3) 
(X.520 id-at (2 5 4)) 


135.3 e PrintableString 'CarlDSS' 
: ) 
) 
: } 
144 30 439: SEQUENCE { 
148 30 299: SEQUENCE { 


152 06 7: OBJECT IDENTIFIER 
: dsa (12 840 10040 4 1) 
: (ANSI X9.57 algorithm) 
161 30 286: SEQUENCE ( 
165 02 129: INTEGER 
: 00 B6 49 18 3E 8A 44 C1 29 71 94 4C 
01 C4 12 C1 7A 79 CB 54 4D AB 1E 81 
FB C6 4C B3 OE 94 09 06 EB 01 D4 B1 
C8 71 4B C7 45 CO 50 25 5D 9C FC DA 
E4 6D D3 E2 86 48 84 82 7D BA 15 95 
ED 
B 


4A 16 F6 46 | DD F6 98 D2 BB 7E 8A 
OA 8A BA 16 7B B9 50 01 48 93 8B EB 
25 15 51 97 55 DC 8F 53 OE 10 A9 50 
FC 70 B7 CD 30 54 FD DA DE A8 AA 22 
B5 Al AF 8B CC 02 88 E7 8B 70 5F B9 

: AD El 08 D4 6D 29 2D D6 E9 

297 02 21: INTEGER 
: 00 DD C1 2F DF 53 CE OB 34 60 77 3E 
: 02 A4 BF 8A 5D 98 B9 10 D5 
320 02 128: INTEGER 

: OC EE 57 9B 4B BD DA B6 07 6A 74 37 
4F 55 7F 9D ED BC 61 0D EB 46 59 3C 
56 OB 2B 5B 0C 91 CE A5 62 52 69 CA 
El 6D 3E BD BF FE El B7 B9 2B 61 3C 
AD CB AE 45 E3 06 AC 8C 22 9D 9C 44 
87 OB C7 CD FO 1C D9 B5 4E 5D 73 DE 
AF OE C9 1D 5A 51 F5 4F 44 79 35 5A 
73 AA 7F 46 51 1F A9 42 16 9C 48 EB 
8A 79 61 B4 D5 2F 53 22 44 63 1F 86 
B8 A3 58 06 25 F8 29 CO EF BA EO 75 
FO 42 C4 63 65 52 9B OA 
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} 
: } 
451 03 133: BIT STRING 0 unused bits, encapsulates { 
455 02 129: INTEGER 
E 00 99 87 74 27 03 66 AO B1 CO AD DC 
2C 75 BB El 6C 44 9C DA 21 6D 4D 47 
6D B1 62 09 E9 D8 AE 1E F2 3A B4 94 
B1 A3 8E 7A 9B 71 4E 00 94 C9 B4 25 
AE B9 60 96 19 24 01 F3 62 OC FE 75 
CO FB CE D8 68 00 E3 FD D5 70 4F DF 
23 96 19 06 94 F4 B1 61 8F 3A 57 B1 
08 11 A4 OB 26 25 FO 52 76 81 EA OB 
62 0D 95 2A E6 86 BA 72 B2 A7 50 83 
OB AA 27 CD 1B A9 4D 89 9A D7 8D 18 
39 84 3F 8B C5 56 4D 80 7A 
) 
: } 
587 A3 66: [3] { 


589 30 64: SEQUENCE { 
591 30 15$ SEQUENCE ( 
593 06 3: OBJECT IDENTIFIER 
: basicConstraints (2 5 29 19) 
¿ (X.509 id-ce (2 5 29)) 
598 01 Ts BOOLEAN TRUE 
601 04 5: OCTET STRING, encapsulates { 
603 30 Bi SEQUENCE { 
605 01 13 BOOLEAN TRUE 
: } 
} 
: } 
608 30 14: SEQUENCE { 
610 06 3: OBJECT IDENTIFIER 
: keyUsage (2 5 29 15) 
E (X.509 id-ce (2 5 29)) 
615 01 ls BOOLEAN TRUE 
618 04 4: OCTET STRING, encapsulates ( 
620 03 2% BIT STRING 1 unused bits 
E ^1100001'B 
) 
: ) 
624 30 29: SEQUENCE ( 
626 06 3% OBJECT IDENTIFIER 
: subjectKeyIdentifier (2 5 29 14) 
: (X.509 id-ce (2 5 29)) 
631 04 22: OCTET STRING, encapsulates ( 


633 04 20: OCTET STRING 
: 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 
3D 20 BC 43 2B 93 F1 1F 
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) 
: } 
655 30 9: SEQUENCE ( 
657 06 Ts OBJECT IDENTIFIER 
E dsaWithShal (1 2 840 10040 4 3) 
(ANSI X9.57 algorithm) 
: ) 
666 03 48: BIT STRING 0 unused bits, encapsulates ( 


669 30 45: SEQUENCE ( 


671 02 20: INTEGER 
; 6B A9 FO 4E 7A 5A 79 E3 F9 BE 3D 2B 
: C9 06 37 E9 11 17 A1 13 
693 02 21: INTEGER 
: 00 8F 34 69 2A 8B B1 3C 03 79 94 32 
4D 12 1F CE 89 FB 46 B2 3B 


) 
: ) 
716 30 732: SEQUENCE ( 


720 30 667: SEQUENCE { 

724 A0 3: [0] 4 

726 02 1 INTEGER 2 
: } 

729 02 2s INTEGER 200 

733 30 9: SEQUENCE ( 


735 06 Ts OBJECT IDENTIFIER 
E dsaWithShal (1 2 840 10040 4 3) 
(ANSI X9.57 algorithm) 
: } 
744 30 18: SEQUENCE { 


746 31 1:6:: SET ( 
748 30 14: SEQUENCE { 


750 06 3 OBJECT IDENTIFIER 
: commonName (2 5 4 3) 
(X.520 id-at (2 5 4)) 


755-43 Te PrintableString 'CarlDSS' 
: ) 
) 
: ) 
764 30 30: SEQUENCE ( 
766 17 13s UTCTime ’ 9908170110492’ 
781 17 T3: UTCTime '39123123595927' 
: } 
796 30 19: SEQUENCE { 
798 31 17: SET { 
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800 30 TS% SEQUENCE { 
802 06 3: OBJECT IDENTIFIER 
: commonName (2 5 4 3) 
(X.520 id-at (2 5 4)) 


807 13 8: PrintableString ’AliceDSS’ 
: ) 
} 
: } 
817 30 438: SEQUENCE { 
821 30 299: SEQUENCE { 


825 06 7: OBJECT IDENTIFIER 
: dsa (1 2 840 10040 4 1) 
: (ANSI X9.57 algorithm) 
834 30 286: SEQUENCE ( 
838 02 129: INTEGER 
$ 00 81 8D CD ED 83 EA OA 9E 39 3E C2 
48 28 A3 E4 47 93 DD OE D7 A8 OE EC 
53 C5 AB 84 08 4F FF 94 El 73 48 7E 
OC D6 F3 44 48 D1 FE 9F AF A4 Al 89 
2F El D9 30 C8 36 DE 3F 9B BF B7 4C 
DC 5F 69 8A E4 75 DO 37 OC 91 08 95 
9B DE A7 5E F9 FC F4 9F 2F DD 43 A8 
8B 54 F1 3F BO 07 08 47 4D 5D 88 C3 
C3 B5 B3 E3 55 08 75 D5 39 76 10 C4 
78 BD FF 9D BO 84 97 37 F2 EA 51 1B 
$ B5 E4 09 96 5C F3 7E 5B DB 
970 02 215 INTEGER 
: 00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F 
: B8 37 21 2B 62 8B F7 93 CD 
993 02 128: INTEGER 
: 26 38 D0 14 89 32 AA 39 FB 3E 6D D9 
4B 59 6A 4C 76 23 39 04 02 35 5C F2 
CB 1A 30 C3 1E 50 5D DD 9B 59 E2 CD 
AA 05 3D 58 CO 7B A2 36 B8 6E 07 AF 
7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B 
3E 90 F8 6D EA 9C C9 21 8A 3B 76 14 
E9 CE 2E 5D A3 07 CD 23 85 B8 2F 30 
01 7C 6D 49 89 11 89 36 44 BD F8 C8 
95 4A 53 56 B5 E2 F9 73 EC 1A 61 36 
1F 11 7F C2 BD ED D1 50 FF 98 74 C2 
D1 81 4A 60 39 BA 36 39 
) 


T124 :035 132: BIT STRING 0 unused bits, encapsulates { 
1128 02 128: INTEGER 

: 5C E3 B9 5A 75 14 96 OB A9 7A DD E3 

3F A9 EC AC 5E DC BD B7 13 11 34 A6 

16 89 28 11 23 D9 34 86 67 75 75 13 
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1259 
1262 
1264 
1266 


1271 
1274 
1276 


1278 
1280 


1285 
1288 
1290 


1294 
1296 


1301 
1303 
1305 


1327 
1329 


1334 
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A3 
30 
30 
06 


01 
04 
30 


30 
06 


01 
04 
03 


30 
06 


04 
30 
80 


30 
06 


04 


A 


22: 
20: 


22: 
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12 3D 43 5B 6F E5 51 BF FA 89 F2 A2 
1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45 
A5 AO 4A E3 85 D6 CE 06 80 3F E8 23 
7E 1A F2 24 AB 53 1A B8 27 OD 1E EF 
08 BF 66 14 80 5C 62 AC 65 FA 15 8B 
F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4 
32 84 FO 7E 41 40 FD 46 A7 63 4E 33 
F2 A5 E2 F4 F2 83 E5 B8 
) 
} 
131 4 
SEQUENCE ( 
SEQUENCE ( 
OBJECT IDENTIFIER 
basicConstraints (2 5 29 19) 
(X.509 id-ce (2 5 29)) 
BOOLEAN TRUE 
OCTET STRING, encapsulates ( 
SEQUENCE () 
} 


} 
SEQUENCE { 
OBJECT IDENTIFIER 
keyUsage (2 5 29 15) 
(X.509 id-ce (2 5 29)) 
BOOLEAN TRUE 
OCTET STRING, encapsulates { 
BIT STRING 6 unused bits 
IIB 


} 
} 
SEQUENCE { 

OBJECT IDENTIFIER 
authorityKeyIdentifier (2 5 29 35) 
(X.509 id-ce (2 5 29)) 

OCTET STRING, encapsulates ( 

SEQUENCE ( 
[0] 
70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 
3D 20 BC 43 2B 93 Fl 1F 
} 


} 
} 
SEQUENCE { 

OBJECT IDENTIFIER 
subjectKeyIdentifier (2 5 29 14) 
(X.509 id-ce (2 5 29)) 

OCTET STRING, encapsulates ( 
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1336 04 20: OCTET STRING 
H BE 6C Al B3 E3 Cl F7 ED 43 70 A4 CE 
13 01 E2 FD E3 97 FE CD 
) 
: ) 
1358 30 Ss SEQUENCE { 
1360 06 3 OBJECT IDENTIFIER 
: subjectAltName (2 5 29 17) 
: (X.509 id-ce (2 5 29)) 
1365 04 24: OCTET STRING, encapsulates ( 


1367 30 22: SEQUENCE { 
1369 81 20: [1] ’AliceDSS@example.com’ 

: ) 

) 
) 
} 
} 

: } 

1391 30 9s SEQUENCE { 


1393 06 Ts OBJECT IDENTIFIER 
: dsaWithShal (1 2 840 10040 4 3) 
(ANSI X9.57 algorithm) 
: } 
1402 03 48: BIT STRING 0 unused bits, encapsulates { 


1405 30 45: SEQUENCE { 


1407 02 20: INTEGER 
e 55 0C A4 19 1F 42 2B 89 71 22 33 8D 
: 83 6A B5 3D 67 6B BF 45 
1429 02 Z Lo INTEGER 
: 00 9F 61 53 52 54 OB 5C B2 DD DA E7 
76 1D E2 10 52 5B 43 5E BD 


) 
: } 
1452 Al 219: [1] 4 


1455 30 216: SEQUENCE ( 
1458 30 153: SEQUENCE { 
1461 30 9: SEQUENCE { 
1463 06 Ts OBJECT IDENTIFIER 
: dsaWithShal (1 2 840 10040 4 3) 
(ANSI X9.57 algorithm) 
: } 
1472 30 18% SEQUENCE ( 
1474 31 16: SET ( 
1476 30 14: SEQUENCE ( 


1478 06 3 OBJECT IDENTIFIER 
¿ commonName (2 5 4 3) 
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1483 13 7: 


1492 17 13: 
1507 30 105: 
1509 30 19: 
1511 02 2: 
Lodo l1 13* 


1530 30 T1295 
1532 02 23 
1536 17 13: 


1551 30 1:95 
1553 02 25 
LOOT L7 13: 


1572 30 19: 
1574 02 25 
1578 17 13: 


1593 30 19: 


1595 02 2: 
1599 17 13: 


1614 30 9: 
1616 06 Ts 


1625 03 47: 
1628 30 44: 
1630 02 20: 


1652 02 20: 


1674 31 0: 


Hoffman, Ed. 


(X.520 id-at (2 5 4)) 
PrintableString ’Carl1DSS’ 
) 
) 
) 
UTCTime ’ 9908270700002’ 
SEQUENCE { 
SEQUENCE { 
INTEGER 200 
UTCTime ’9908220700002’ 
} 
SEQUENCE { 
INTEGER 201 
UTCTime ’9908220700002’ 
} 
SEQUENCE { 
INTEGER 211 
UTCTime ’ 9908220700002’ 
} 
SEQUENCE { 
INTEGER 210 
UTCTime ’ 9908220700002’ 
} 
SEQUENCE { 
INTEGER 212 
UTCTime ’9908240700002’ 
} 
} 
} 
SEQUENCE { 
OBJECT IDENTIFIER 
dsaWithShal (1 2 840 10040 4 3) 
(ANSI X9.57 algorithm) 
} 
BIT STRING 0 unused bits, encapsulates { 
SEQUENCE { 
INTEGER 
7E 65 52 76 33 FE 34 73 17 D1 F7 96 
F9 AO D4 D8 6D 5C 7D 3D 
INTEGER 
02 7A 5B B7 D5 5B 18 Cl CF 87 EF 7E 
DA 24 F3 2A 83 9C 35 A1 
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} 


5. Enveloped-data 


5.1. Basic Encrypted Content, TripleDES and RSA 


July 2005 


An EnvelopedData from Alice to Bob of ExContent using TripleDES for 


encrypting and RSA for key management. 
OriginatorInfo. 


0 30 286: SEQUENCE { 


Does not have an 


8F 
33 
B8 
FA 
8C 


4 06 9e OBJECT IDENTIFIER 
: envelopedData (1 2 840 113549 1 7 3) 
(PKCS #7) 
15 AO 271: [01 { 
19 30 267 SEQUENCE { 
23 02 Ls INTEGER O0 
26: 31. 192: SET { 
29 30 189 SEQUENCE ( 
32:02 T INTEGER 0 
352-30 38 SEQUENCE { 
37 30 18: SEQUENCE { 
39 31 t6: SET { 
41 30 14 SEQUENCE { 
43 06 3 OBJECT IDENTIFIER 
commonName (2 5 4 3) 
: (X.520 id-at (2 5 4)) 
48 13 Ps PrintableString 'CarlRSA' 
: ) 
) 
: } 
57 02 16: INTEGER 
: 46 34 6B C7 80 00 56 BC 11 D3 6E 2E 
CD 5D 71 DO 
: } 
75 30 13: SEQUENCE ( 
77 06 9: OBJECT IDENTIFIER 
4 rsaEncryption (1 2 840 113549 1 1 1) 
: (PKCS +1) 
88 05 Or: NULL 
: } 
90 04 128: OCTET STRING 
: OB 71 OD E6 71 88 88 98 B6 96 C1 
70 FD A2 27 DE DA E1 EF 24 6C A4 
DF AC EO E9 9D A2 D3 2C 7A CD 80 
99 9E E6 5F B1 41 B3 72 16 83 E7 
2A 00 8B C7 73 35 78 26 D6 C7 CF 
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221 
223 


234 
236 


246 


256 


30 
06 


30 
06 


04 


80 


32: 


oc 
91 
A3 
4D 
36 
2C 
) 
) 
SEQUENCE 


OBJECT IDENTIFIER data 


56 
43 
21 
DF 
79 
57 


{ 


DB 
58 
1D 
AD 
15 
FA 
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A5 
78 
FO 
69 
63 
DA 


(PKCS #7) 


SEQUENCE { 
OBJECT IDENTIFIER 


Messages 


76 
DC 
28 
31 
8F 
1A 


des-EDE3-CBC 


) 
[0] 


OE C8 92 7F 
C5 49 3A EB 
48 EA 4E 27 


} 


5.2. Basic Encrypted Content, 


Same as 5.1, 
management. 


Hoffman, 


30 
30 
31 


Ed. 


291: 


(12 840 113549 3 7) 
(RSADSI encryptionAlgorithm 


9D 
49 
78 
20 
CC 
2C 


08 
B6 
1F 
4B 
EB 
75 


(1 


38 
EC 
E 
48 
9D 
1F 


2 


(1 2 840 113549 3)) 
OCTET STRING 
2D 68 C5 E9 47 06 51 35 


RC2/128 


C6 7D 3F 8D CB AD 8E OE 
47 2E D6 55 DE 09 21 4E 


B1 6E 57 25 


and RSA 


OE 
EE 
5D 
A9 
A3 


ES 
6C 
F6 
75 
28 


F9 
68 
07 
22 
A1 


July 2005 


D4 
33 
73 
6E 
D1 


840 113549 1 7 1) 


except using RC2/128 for encryption and RSA for key 

An EnvelopedData from Alice to Bob of ExContent using 
RC2/40 for encrypting and RSA for key management. 
OriginatorInfo or any attributes. 


SEQUENCE { 


OBJECT IDENTIFIER 


envelopedD 
(PKCS #7) 
[0] ( 
SEQUENCE ( 
INTEGER 
SET ( 


SEQUENCE ( 


ata 


0 


Does not have an 


(12 840 113549 1 7 3) 


INTEGER 0 
SEQUENCE ( 
SEQUENCE { 


SET 


{ 
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41 
43 


48 


57 


75 
77 
88 


90 


221 
223 


234 
236 


246 
248 
251 


261 


Hoffman, 


30 
06 


13 


02 


30 


06 


05 


04 


30 
06 


30 
06 


30 
02 
04 


80 


Ed. 


16: 


128: 


32: 


Examples of S/MIME Messages 


SEQUENCE ( 
OBJECT IDENTIFIER 
commonName (2 5 4 3 
(X.520 id-at (2 5 4 


) 
)) 


PrintableString 'CarlRSA' 


) 
) 
} 
INTEGER 


July 2005 


46 34 6B C7 80 00 56 BC 11 D3 6E 2E 


CD 5D 71 DO 
} 
SEQUENCE { 
OBJECT IDENTIFIER 


rsaEncryption (1 2 840 113549 1 1 1) 


(PKCS #1) 

NULL 
} 

OCTET STRING 
85 42 BE E3 OB 2E E5 OF 09 
DE DA C1 D3 09 B8 27 2B 25 
FB C9 9C DB FO B2 6E AO 8A 
4A ED 98 9D 15 39 26 01 1A 
44 39 89 37 3C 6F C7 4A 61 
77 AA F9 D4 97 A4 D2 21 3F 
D4 DC 10 E9 D6 3F 00 DB 9C 
7E 96 FF 12 6E 87 84 AO BA 
56 6D A6 1D EB AB C3 B7 A1 
8B CC 1B 4A E5 14 36 06 61 
5F 69 67 91 A9 50 EE D8 


} 
} 
SEQUENCE { 


24 
D5 
1C 
6B 
0B 
3F 
47 
81 
F8 
C7 


CA 
74 
9D 
FO 
27 
20 
D6 
OF 
SF 
64 


OBJECT IDENTIFIER data (1 2 840 113549 1 7 1) 


(PKCS #7) 
SEQUENCE { 


OBJECT IDENTIFIER rc2CBC (1 2 840 113549 3 2) 


(RSADSI encryptionAlgorithm 
(12 840 113549 3)) 
SEQUENCE ( 
INTEGER 58 
OCTET STRING 
E8 70 81 E2 EF C5 15 57 
) 
) 
[0] 


06 53 0A 7B 8D 5C 16 OD CC D5 76 D6 
8B 59 D6 45 8C 1A 1A OC E6 1E F3 DE 
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43 56 00 9B 40 8C 38 5D 


} 


5.3. S/MIME application/pkcs7-mime Encrypted Message 


A full S/MIME message, 


from 5.1. 


MIME-Version: 


1-0 


including MIME, 


that includes the body part 


Message-Id: <00103112005203.00349@amyemily.ig.com> 
Date: Tue, 31 Oct 2000 12:00:52 -0600 (Central Standard Time) 


From: Userl 
To: User2 


Subject: Example 5.3 
application/pkcs7-mime; 
name-smime.p7m; 
smime-type=enveloped-data 
Content-Transfer-Encoding: base64 


Content-Type: 


Content-Disposition: 


attachment; 


filename-smime.p7m 


MIIBHgYJKoZIhvcNAQCDOoIIBDZCCAQsCAQAxgcAwgbOCAQAwJjASMRAwDgYDVOODEwdDYXJ 


SULINBAhBGNGVvHgABWv 


BHTbi7NXXHOMAOGCSqGSIDb3DQEBAQUABIGACG3EN5nGIiJi21sGPcP 


21J9724e8kbK0z36z962Z22i0yx6zYC4mZ7mX7FBs3IWg+f6KgCLx3M1eCbWx8+MDFbbpXadC 
Dg08 /nNUKUNYeNxJtuzubGgzoyEd8Ch4H/dd9gdzTd+taTEgGSOipdsJuNnkVY4/M65237KKHR 


LFf£f02hosdR8wQwYJKoZIhvcNAQcBMBOGCCaGSIb3DOMH 


LrYA4OxUk660cullXeCSFOSOpOJ7FuVyU- 


6. Digested-data 


BAgt aMXpRwZRNYAgDsiSf8Z9P43 


A DigestedData from Alice to Bob of ExContent using SHA-1. 


0 30 
2 06 


13 AO 
15 30 
17 02 
20 30 
22 06 


29 30 
31 06 


42 AO 
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94: 


Ke) 


30: 


SEQUENCE { 


OBJECT IDENTIFIER digestedData (1 2 840 113549 1 7 5) 


(PKCS #7) 


[01 4 


SEQUENCE ( 
INTEGER 0 
SEQUENCE { 

OBJECT IDENTIFIER shal (1 3 14 3 2 26) 


(OIW) 


} 


SEQUENCE { 
OBJECT IDENTIFIER data (1 2 840 113549 1 7 1) 
(PKCS #7) 


[0] 


{ 
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OCTET STRING 'This is some sample content.” 
} 
} 
OCTET STRING 
40 6A EC 08 52 79 BA 6E 16 02 2D 9E 
06 29 C0 22 96 87 DD 48 


7. Encrypted-data 


7.1. Simple EncryptedData 


An EncryptedData from Alice to Bob of ExContent with no attributes. 


0 
2 


13 
T5 
17 
20 
22 


33 
35 


45 


35 


30 
06 


AO 
30 
02 
30 
06 


30 
06 


04 


80 


87: 
9: 


72: 


32:1 


SEQUENCE ( 
OBJECT IDENTIFIER 
encryptedData (1 2 840 113549 1 7 6) 
(PKCS #7) 
[0] ( 
SEQUENCE ( 
INTEGER 0 
SEQUENCE ( 
OBJECT IDENTIFIER data (1 2 840 113549 1 7 1) 
(PKCS #7) 
SEQUENCE { 
OBJECT IDENTIFIER 
des-EDE3-CBC (1 2 840 113549 3 7) 
(RSADSI encryptionAlgorithm 
(1 2 840 113549 3)) 
OCTET STRING 
B3 6B 6B FB 62 31 08 4E 


} 

[0] 
FA FC ED DB 3F 18 17 1D 38 89 11 EA 
34 D6 20 DB F4 C3 D9 58 15 EF 93 3B 
9A F5 D7 04 F6 B5 70 E2 


} 


The TripleDES key is: 


73 7c 79 1f 25 ea d0 el 46 29 25 43 52 £7 dc 62 
91 e5 cb 26 91 7a da 32 
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7.2.  EncryptedData with Unprotected Attributes 


An EncryptedData from Alice to Bob of ExContent with unprotected 
attributes. 


0 30 149: SEQUENCE ( 


3 06 91 OBJECT IDENTIFIER 
: encryptedData (1 2 840 113549 1 7 6) 
(PKCS #7) 
14 AO 135: [0] ( 
T7304 32: SEQUENCE ( 
20 02 1 INTEGER 2 
23 30 67: SEQUENCE { 
25 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1) 
: (PKCS #7) 
36 30 20: SEQUENCE ( 


38 06 8: OBJECT IDENTIFIER 
: des-EDE3-CBC (1 2 840 113549 3 7) 
(RSADSI encryptionAlgorithm 
: (12 840 113549 3)) 
48 04 8: OCTET STRING 
H 07 27 20 85 90 9E BO 7E 
: ) 
58 80 32: [0] 
: D2 20 8F 67 48 8A CB 41 E4 22 68 5D 
BE 77 05 52 26 ED E3 01 BD 00 91 58 
A7 35 6E BC 4B A2 07 33 
: } 
92 A1 58: [45] 4 


94 30 26: SEQUENCE { 
96 06 31 OBJECT IDENTIFIER '1 2 5555’ 
LOL. 31 49: SET ( 


103 04 47: OCTET STRING 
: “This is a test General ASN Attribut’ 
"e, number 1.’ 
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8. Security Considerations 


Because this document shows examples of S/MIME and CMS messages, this 
document also inherits all of the security considerations from 
[SMIME-MSG] and [CMS]. 


The Perl script in Appendix A writes to the user's local hard drive. 
A malicious attacker could modify the Perl script in this document. 
Be sure to read the Perl code carefully before executing it. 
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A.  Binaries of the Examples 


This section contains the binaries of the examples shown in the rest 
of the document. The binaries are stored in a modified Base64 
format. There is a Perl program that, when run over the contents of 
this document, will extract the following binaries and write them out 
to disk. The program requires Perl. 


A.1. How the Binaries and Extractor Works 

The program in the next section looks for lines that begin with a ’|’ 
character (or some whitespace followed by a FIRES ignoring all other 
lines. If the line begins with "qu, the second character tells what 
kind of line it is: 


line that begins with |* is a comment 

line that begins with |» gives the name of a new file to start 

line that begins with |« tells to end the file (and checks the 
file name for sanity) 

A line that begins with |anythingelse is a Base64 line 


pe 


The program writes out a series of files, so you should run this in 
an empty directory. The program will overwrite files (if it can), 
but won't delete other files already in the directory. 


Run this program with this document as the standard input, such as: 
./extractsample.pl «draft-ietf-smime-examples 


If you want to extract without the program, copy all the lines 
between the "een and v [ss markers, remove any page breaks, and remove 
the "|" in the first column of each line. The result is a valid 
Base64 blob that can be processed by any Base64 decoder. 


A.2. Example Extraction Program 
#!/usr/bin/perl 
# CMS Samples extraction program. v 1.1 


# Get all the input as an array of lines 
(A11In = (); while (<STDIN>) { push(@AllIn, $_) } 


SBase64Chars = 'ABCDEFGHIJKLMNOPORSTUVWXYZabcdefghijklmnopqr"' 
' stuvwxyz0123456789+/=' ; 


SLineCount = 0; $CurrFile = ''; 


foreach $Line (@AllIn) { 
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SLineCount++; + Keep the line counter for error messages 
SLine =~ s/*\s*//; # Get rid of leading whitespace 
chomp ($Line); # Get rid of CR or CRLF at the end of the line 


if (substr ($Line, 0, 1) ne ake { next ) # Not a special line 
elsif (substr ($Line, 1, 1) eq '*') { next ) # It is a comment 
elsif (substr ($Line, 1, 1) eq ’>’) 

{ £StartNewFile (substr ($Line, 2 
elsif (substr ($Line, 1, 1) eq ’<’) 

{ &EndCurrFile(substr($Line, 2) 
else ( £DoBase64 (substr ($Line, 1) 


)) ) # Start a new file 


) ) # End the current file 
) } # It is a line of Base64 


StartNewFile ( 
STheNewFile = shift(Q ); 
if(SCurrFile ne '') ( die "Was about to start a new file at " 
"line $LineCount, but the old file, $CurrFile, was open\n" } 
open (OUT, "»S$TheNewFile") or 
die "Could not open $TheNewFile for writing: $!\n"; 


binmode(OUT); # This is needed for Windows, is a noop on Unix 

$CurrFile = STheNewFile; 

SLeftOver = 0; # Amount left from previous Base64 character 

SNextPos = 0; # Bit position to start the next Base64 character 
# (bits are numbered 01234567) 


SOutString = ''; + Holds the text going out to the file 


EndCurrFile { 

SFileToEnd = shift (@_); 

if ($CurrFile ne $FileToEnd) { die "Was about to close " 
"SFileToEnd at line $LineCount, but that name didn’t match " 
"the name of the currently open file, S$CurrFile\n" } 

print OUT SOutString; 

close (OUT); 

$CurrFile = ''; 


DoBase64 { 

$TheIn = shift(Q ); 

if(SCurrFile eq '') ( die "Got some Base64 at line $LineCount, " 
"but appear to not be writing to any particular file.\n" ) 

@Chars = split(//, $TheIn); + Make an array of the characters 

foreach $ThisChar (@Chars) { 

# SThisVal is the position in the string and the Base64 value 
$ThisVal = index($Base64Chars, S$ThisChar); 


if($ThisVal == -1) { die "At line $LineCount, found the " 
"character $ThisChar, which is not a Base64 characterin" ) 

if($ThisVal == 64) { last ) # It is a "=", so we're done 

if ($NextPos == ) { 
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# Don’t output anything, just fill the left of $LeftOver 
SLeftOver = SThisVal * 4; 
SNextPos = 6; 


elsif ($NextPos == 2) { 
# Add SThisVal to SLeftOver, output, and reset 
SOutString .= chr($LeftOver + $ThisVal); 


SLeftOver = 0; 
SNextPos = 0; 
elsif ($NextPos == 4) { 
+ Add upper 4 bits of $ThisVal to $LeftOver and output 
SUpper4 = (SThisVal & 60); 


SOutString .= chr ($LeftOver + (SUpper4/4)); 
SLeftOver = (($ThisVal - $Upper4) * 64); 
SNextPos = 2; 

elsif (SNextPos == 6) { 


+ Add upper 2 bits of $ThisVal to $LeftOver and output 
SUpper2 = (SThisVal & 48); 
SOutString .= chr($LeftOver + ($Upper2/160)); 
SLeftOver = (($ThisVal - SUpper2) * 16); 
SNextPos = 4; 
else { die "\$NextPos has an illegal value: $NextPos." } 


B. Examples in Order of Appearance 


From Sec 


***ExCon 


tion 2.1 


tent.bin*** 


|* Section 2.1 

|>ExContent.bin 

| VGhpcyBpcyBzb211IHNhbXBsZSB4b250ZW50Lg== 
| «ExContent.bin 
From Section 2.2 
***AlicePrivDSSSign.pri*** 

* Example AlicePrivDSSSign.pri 
>AlicePrivDSSSign.pri 


2005 


| MIIBSwIBADCCASsGByqGSM44BAEwWggEeAoGBAIGNzZe2D6gge0T7CSCij5EeT307XgA7sU8 
[WrhAhP /5ThcO0h+DNbzREJR/p+vpKGJL+HZMMg2 3 3+bv7dM3F 9piuR10DcMkQ0iVm96nXvn8 
| 9J8v3UOoilTxP7AHCEdNXY jDw7Wz41UIddU5dhDEeL3/nbCElzfy5FEbteQJllzzflvbAh 
| UA4kemGk VmuBPG20+4NyErYov3k80CgYAmONAUi TKqOfs+bd1LWWpMdiM5BAI1XPLLG4DD 
H1Bd32tZ4s2qBT1YwHuiNrhuB699ikI1lp/R1z0oIXks+kPht 6pzJIYo7dhTpzi5dowfNI4 
ee e 


|uORGOaX 
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<AlicePrivDSSSign.pri 
***AlicePrivRSASign.pri*** 


|* Example AlicePrivRSASign.pri 

|>AlicePrivRSASign.pri 
[|MIICdgIBADANBgkghkiG9wOBAQEFAASCAmAwggJCAgEAAOGBAOCJCczmN2PX161d20X90sA 
|W7U4PeD7er3H3HdSKNBS5tEt +mhibU0m+qwCn81+z6glEPMIC+sVCeRkTxLLVYMs/GaG8H 
2bBgrL7uNAlqE/X3BQWT3166NVbZYf8Zf 8mB5vhs 60dAcO+sbSx0ny36VTg5mXcCpkhS jE 
rd ua I 
| FZBgJzFHNWRNIclnY860nlasLzduHO4Ovygt9DmQbzTYbghblWVq2EHzE9ctOV7-4M8v/Ke 
|QODCzOFoo*38Y6idjeweVfTLyvehwYifQRmXskbr4saw-*yRRKt/IQUBAPbWACIhTF8KcP8n 
| /OWzUGqd5Q4* 1hZbGOPqoCrSbmwxVwgEd- TeCihTI8pMOks21Z2iG5PNIGv7RVMcncrcqYLd 
| ECOODo3rARJQnSAlEB3oromFD1d3dhpEWTawhVlnNd9MhbEpMic4t/03B/9aSqu3T9PCJq 
| 2jiRKoZbbBTorkye+o4vAkEA10zwh5sXf+4bgxsUtgtqkF+GJ1Hht 6B/9eST41m5+R6b0y 
130CJI1yKxJZi 6PV1Tt / oe ILLIURY jdZNR5 6vVN8QJALPAKW/qgzYUi 6tBuT/pszSHTyOTx 
ee a 
|[grA7y730v0nG+4tCo1+/bkBS9u4oiJIW9LIZ7091CTyr9AcewhJcV/+wLp1Za4M83ixpXu 
[b41fKA-- 

|<AlicePrivRSASign.pri 


***BobPrivRSAEncrypt.pri*** 


|* Example BobPrivRSAEncrypt.pri 

|>BobPrivRSAEncrypt.pri 

| MI TChQIBADANBgkqhkiG9w0 BAQEFAASCAmAwggJ cAgEAAoGBAKnhZ5g/OdVf 8qCTOV6meY 
| mF yDVdmpFb+x0B2h1wJhcPvaUi ODWFbXqY ZhRBXM+ 3twg7CcmRUB1pN2352ZR572akzJKN/ 
O7uvRgGGNjOyywcDWVL8hYsxBLjMGAgUSOZPHPtdYMTgXB9TO39T2GkB8Q0X4enDRvoPGXz 
po oem ucc cea ais 
| yte6alatd8brUX1weQqg 9P 5F 4Kmy 9Bnah5 jWMIRO5PxZbMHGd9ypkdB8MKCixQhelXFD/A 
| OHP £{D6bRSeTmPwF 1h5HEUYHDO 9sBvf+iU708AsmAX2EAnYh9sDGQJBANDDI sbeopkYdo+N 
| vVKZ11mY/111FU0x2 9XLE6/BGmvE+XKpVC5va3Wtt+Pw7PAhDk7Vb/s7q/WiEI2Kv8zHCue 
| UCOQDQUfweIrdb7bWOAcjXq/JYlPeClPNTqBlFy2bKKBlf4hAr84/sajBO-EOR9KfEILVH 
IdxJAfkKICnwJAiEYH2PAkAOumTJSChXdNdVUN5qSO8bKlocSHselVnDYDubl6nA7xhmqU 
5iUjiEzuUJiEiUacUgFJlaV/4jbOSnI3vQgLeFAkEAni-tzN5r7CwZdVc*EJBqRd2ZCWBgVf 
| JAZAcpw6ilWchwtdYhKIFmioNRobQtg4wJhprwMKSDIETukP j3d9NDAlBwJAVxhnlgrSta 
| vcunrnVNqcBU*B108BiR4yPWnLMCRSyFRVJQA7HCp8J1DV6abXd8vPFfXuC9WN7rOvTKF8 
| YOZB9gANMAsGA1UdDzEEAwIAE == 

|<BobPrivRSAEncrypt.pri 


***CarlPrivDSSSign.pri*** 


|* Example CarlPrivDSSSign.pri 

|>CarlPrivDSSSign.pri 
[|MIIBSgIBADCCASsGByqGSM44BAEwggEeAoGBALZJGD6KRMEpcZRMAcQSwXp5ylRNqx6B48 
ZMsw6UCQbrAdSxyHFLxOXAUCVdnPza5G3TA40ZIhlJ9uhWVShb2Ru3d9pjSu36KCoq6Fnu5 
UAFIkAvrJRVRl1XcjlMOEK1Q/HC3zTBU/dreqKoitaGvi8wCiOeLcF-t5reEIl1GOpLdbpAh 
| UA3cEv31PO0CzRgdz4CpL+KXZi 5ENUCGYAM7 lebS7 3at gdqdDdPVX+d7bxhDet GWTxWCytb 
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[DJHOpWJSacrhbT69v/7ht7krYTyty65F4was jCKdnESHC8fN8BzZtU5dc96vDskdWlH1TO 
| RENVpzqn9GUR*pQhacSOuKeWGO1S9TIkRjH4a401gGJfgpwO-64HXwQsR jZVKbCgQWAhQZ 
SZilIWIxUOV/uTAIRnjRPrXlcg-- 

«CarlPrivDSSSign.pri 


***CarlPrivRSASign.pri*** 


|* Example CarlPrivRSASign.pri 

>CarlPrivRSASign.pri 
MIICdgIBADANBgkqhkiG9wOBAQEFAASCAmAwggJCAgEAAOGBAORL/xi4JFf0d/9uc3uTcV 
| y8MxqSknI j2EFGOMOROgSz jq*Cnb1RHhd68nYsK4Y5p73XjRpT7OQAlejsojax7eJQA4jIJ 
|ijtfmSWPuE6ruX3VlmXaFqDFvg6uRFvvXvSnKcuC3axE6aqTlCkO-*BjWyFde8nbE8hFgOL 
| XbPB2XyWrxAgMBAAECgYEArnPkW19bZlrJ18bvOF9TISovYv7eKZp6hmc2531ieHU9c6C8 
|KQ7z j73Dycm2*LrWE5vDl3rKavCA4hWVOD72nqPdUBkG969wgd5DfYZuab3Te6 jvUnIdg7X 
| a£8WowN9XgkBb4AgEfDGWvtdXe6Su05tlOCRztfG8gcq8vo9SY/pIECQOD/3wmgVgtCUp7E 
TZOzsEm73ueBfSiZOLFIugs54Rx7IhgztkD2v9yuHdChrORxWmEKbjvOMNo2n2UlKbunDn 
Exp E uiu Mi qu ML EE 
| ghsHHyBMt817Vve2wn6rcwJAVzZsj4wEdmy2104kRAD4gOKvQgGpDxSE*OCAA4 I4MJ6QtX6 
|L1bbVjwK1E6XaRpxlJLkb4d4VLOA4CE8K/S2FQm1QJAZKEPrFVOG70NYXsXA82w5qcZHYCv 
| gUFI2Bq2iBSgLHrFdtOPDh96KrJuNwSrO0UVzukaoD42CXyIUBc+io/N8gwJAJh4dHKGYK+ 
| TbOOhXbmt zGYhhOvp0S jaLR2hdUOsm4-*p9m051qa97q0sudlE9qNARq6PWqMAnNh1UC6qn 
0W2N+g== 

<CarlPrivRSASign.pri 


***DianePrivDSSSign.pri*** 


|* Example DianePrivDSSSign.pri 

>DianePrivDSSSign.pri 
MIIBSwIBADCCASsGByqGSM44BAEwggEeAoGBALZJGD6KRMEpcZRMACOSwXp5y1RNgqx6B+8 
| ZMsw6UCQbrAdSxyHFLxOXAUCVdnPza5G3T40ZIhIJ9uhWVShb2Ru3d9pjSu36KCoq6Fnu5 
|UAFIk4vrJIRVR11Xc3j1MOEK10/HC3zTBU/dreqKoitaGvi8wCi0eLcF+5reEl1G0OpLdbpAh 
[|UA3cEv31POCzRgdz4CpL4KXZi5ENUCgYAM71ebS73atgdqdDdPVX4d7bxhDetGWTxWCytb 
|DJHOpWJSacrhbT69v/7ht7krYTyty65F4was jCKdnESHC8fN8BzZtU5dc96vDskdWlH1TO 
no o c ccc ME 
lpX54MHgQSOyDA4tCUpMq5h401Sk- 

[«DianePrivDSSSign.pri 


***DianePrivRSASignEncrypt.pri*** 


* Example DianePrivRSASignEncrypt.pri 

>DianePrivRSASignEncrypt.pri 

| MIICAWIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAOGBANb 9uMBwxkw1 70rP 6ény7om 
| L680YyO1P/sZJaF/Qg4ZkkggrQ9nz7RMqLJwbx fi YDgxXadz+ygLHCW8oNC 9t S3KAq7+L9K 
| TBK/B9ugwWAet 35n996xw2BJrEXX+MbvCDchk 0 fu8HM1crACxPMRw15H5Qq3g/HbdG1ki0 
[Od1V3NKMCFAgMBAAECgYA9vc3CDmEUWOvnv2AjBCvFazWllkUj/Gl9kzwPOyWWumJSQuKW 
z/5YgI/rsYy91Al110Dp3RSSeDOuGgMOSIRFxROOyqKkurBfSo4QlY7W8Lx7d9iH/FSAkW/ 
GAL9VBDjIk99RKMp65SdgZ2jj85jWK9gPwMJJKT5MPXBZFTu5a2QQOJBAPOA4POrRlLCRYBNB 
[|kg2NRD93Hf-WIOQI1AtwyRqv6ZCU8rDVX08ZhVChkJGuvQV2UrMi2Kh8jlR/AHJPNnVoc7 
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| UCQQDhOucRVwaucpUiFgoCtFrtTp2CEU+WP IbJEI1WezF1leWnndWg4AEsu0iYy3bHi4CxU 
| (Ap1lut FmlhuwDqB+0ruRAkEAr7a82yJzQ0Hst LVnqaGZ/0/Sjv0d++Upi/4K39TIX1c1Cl 
OrlAmgVlvFsWL8ILAILeMHtaHns//EwKVfrBJcqQJBALmYOfwIUB9zYIoBonxSiiBa6iyJ 
2aUZ3ZTGG8M1wIJR504rmhncc+3pHSfU+GwD3asdCHulrH/pgpvxiYpx22ECOAEHIZdfem 
|Co/VpcB9*o3vfisTR9/OuRvbBzdMjEvj9YRTAGkLOsacyz9z98rMe4G2WhF jk5sONOfc/N 
| xaxsvt+U= 

|<DianePrivRSASignEncrypt.pri 


From Section 2.3 
***AliceDSSSignByCarlNoInherit.cer*** 


|* Example AliceDSSSignByCarlNoInherit.cer 

| >AliceDSSSignByCarlNoInherit.cer 

[MIIC3DCCApugAwIBAgICAMgwCQYHKOoZIz jJgEAZASMRAwDgYDVQQDEwdDYXJSRFNTMB4XDT 
k5MDgxNzAxMTAOOVOXDTM5MTIzMTIzNTk1OVowEZzERMA8GAlUEAxMIQOWxpY2VEUl1MwggG2 
uu A a ME DS D LEO C 
| FzSHAMIvNESNH-4n6-tkoYkv4dkwyDbeP5u/t0zcX2mK5HXQNwyRCJWb3qde-fz0ny/dQ6iL 
[VPE/sAcIRO1diMPDtbP3jVOh11T12EMR4vf+dsISXN/LkURul5AmWXPN+W9sCFODiR6YaRW 
|a4E8baj793IStii/eTzOKBgCY40BSIJMqo5+z5t2UtZakx21zkEAjVc8ssaMMMeUF3dm1ni 
| zaoFPVjAe6I2uG4Hr32KQiWn9HXPSgheSz6Q4G3qnMkhi jt2FOnOL12jB80jhbgvMAF8bU 
mJEYk2RL34yJVKUlal4vlz7BphNh8Rf8K97dFQ/5hO0wtGBSmA5ujY5AA4GEAAKBgFz juVpl 
pc oum umm IM. 
| i7RaWgSuOF1s4GgD/oI34a8iSrUxq4Jw0e7wi/ZhSAXGKsZfoVi/G7NNTS1jf2YUeyxDKE 
| 8H5BOP1Gp2NOM/K14vTyg-*W404GBMH8wDAYDVROTAQH/BAIwADAOBgNVHQ8BAf8EBAMCBs 
| AwHwYDVRO jBBgwFoAUCEQ*gi5vh95K03XjPSC8QyuT8R8WwHQYDVROOBBYEFL5sObP jwfft 
| OS3CkzhMB4v3j1/7NMB8GA1UdEQQYMBaBFEFsaWNIRFNTQGV4YW1wbGUuY29tMAkGByqGSM 
Rin MM C E E 


|<AliceDSSSignByCarlNoInherit.cer 
***AliceRSASignByCarl.cer*** 


* Example AliceRSASignByCarl.cer 

>AliceRSASignByCarl.cer 
|MIICLDCCAZWgAwIBAgIQRjRrx4AAVrwRO024uxBCzsDANBgkqhkiG9wOBAQUFADASMRAwDg 
| YDVOODEwdDYXJsUl1NBMB4XDTk5MDkxOTAxMDgON10XDTM5MTIzMTIzNTk1OVowEzERMA8G 
| AJUEAxMIQWxpY2VSUOEwgZ8wDQYJKoZIhvcNAQEBBQADgYOAMIGJAOoGBAOCJCzmN2PX16I 
| 4220X90sAW7U4PeD7er3H3HASKNBS5tEt+mhibU0m+qwCn81+z6g1EPMIC+sVCeRkTxLLvY 
Ms/GaG8H2bBgrL7uNAlqgE/X3BQWI3166NVbZYf8Zf8mB5vhs6odAcO-*sbSxOny36VTq5mX 
cCpkhSjE7zVzhXdFdfAgMBAAGjgYEwfzAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIG 
| wDAf£BgNVHSMEGDAWgBTp4JAnrHggeprTTPJCN04irp44uzAdBgNVHQA4EFgQUd9K00bdMio 
[qjzkWdzuw80oDrj/1AwHwYDVRORBBgwFoEUQWxpY2VSUOFAZXhhbXBsZS5jb20wDQYJKoZI 
[|hvcNAQEFBQADgYEAPnBHqEjMEliPylFxa042GFOEfoCxjU3MyqOPzH1WyLzPbrMcWakgqg 
[|WBqE41radwFHUv9ceb0Q7pY9Jkt8ZmbnMhVN/OuiVdfUnTlGsiNnRzuErsL2TtO0z3SpOLF 
6DeKtNufZtS9n/ntdO/q*e5jatg/SyUJtdgadq7rm9tJsCI- 
<AliceRSASignByCarl.cer 
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***BobRSASignByCarl.cer*** 


* Example BobRSASignByCarl.cer 

>BobRSASignByCarl.cer 
|MIICJzCCAZCgAwIBAgIQRjRrx4AAVrwRO024uzV1xODANBgkqhkiG9wOBAQUFADASMRAwDg 
| YDVOODEwdDYXJsUlNBMBAXDTk5MDkxOTAxMDkwMloXDTM5MTIzMTIzNTk1OVowETEPMAOG 
| ALUEAxMGQm9iUlNBMIGfMA0GCSqGSIDb3DQEBAQUAA4GNADCBiQKBgQCp4WeYPznVX/Kgk0 
|FepnmJhcg1XZqRW/sdAdoZcCYXD7211tAlhW1l6mGYUQVzPt7cIOwnJkbgZaTdt-4WUee9mp 
MySjfzu7rOYBhjYOMssHAl11S/IWLMQSA4zBgIFEjmTxz 7XWDEAFwfU9N/U9hpAfEF-HpwOb 
oos m IM uM 
| BgNVHSMEGDAWgBTp4JAnrHggeprTTPJCNO4irp44uzAdBgNVHQ4EFgQU6PS4Z9izlqQq8x 
| GgKdOVWoYWt COWHOYDVRORBBYwF IESQm9iU1NBOGV4YW1wbGUuY 2 9tMAOGCSqGSIb3DQEB 
| BOUAA4GBAHuOZSXxED8QIEyIcat7QGshM/pKld6dDltrlCEFwPLhfirNnJOIh/uLt359QW 
| HhSNZt +e LEVWFF VvGQnRMChvV152R1kPCHWRbBdaDOS 69zxV+WBfZ3jmNZGjOd5390gc0ync 
| £1EH1/M28FAK3Zvet144ESv7V+qJba3JiNiPzyvT 

|<BobRSASignByCarl.cer 


***CarlDSSSelf.cer*** 


|* Example CarlDSSSelf.cer 

|>CarlDSSSelf.cer 

MIICmzCCAlqgAwI BAgIBATAJBgcqhk jOOAQDMBIxEDAOBgNVBAMTBONhcmxEU1MwHhcNOT 
bo In UEM MUR ee 
| ASsGByqGSM4 4BAEwWggEeAoGBALZJGD6KRMEpcZRMAcQSwXp5y1RNqx6B+8ZMsw6UCQbrAd 
| SxyHFLxOXAUCVdnPza5G3T40ZIhIJ9uhWVShb2Ru3d 9p jSu3 6KCoq6Fnu5UAFIk4vrJRVR 
| 11Xcj1MOEK1Q/HC3zTBU/dreqkKoitaGvi8wCi0eLcF+5reEI1G0pLdbpAhUA3cEv31P0Cz 
| Rgdz4CpL+KXZi 5ENUCgYAM7 1lebS73at gdqdDdPVX+d7bxhDet GWT xWCyt bDJHOpWJSacrh 
bT69v/7ht 7krYTyty65F4was jCKdnESHC8 £N8BzZtU5dc96vDskdW1H1ITORSNVpzqn9GUR 
*tpOhacSOuKeWGO1S9TIkRjH4a401gGJfgpwOt64HXwOSRjZVKbCgOBhQACgYEAmYd0OJwNm 
| oLHArdwsdbvhbESc2iFtTUdtsWIJ6diuHvI6tJSxo456m3FOAJTJtCVOuWCWGSQB821M/n 
|XA-*87YaADj/dVwT98jlhkGlPSxYY86V7EIEaQLJiXwUnaB6gtiDZUq5oa6crKnUIMLqifN 
[G61NiZrXjRg5hD-*LxVZNgHqjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVROPAQH/BAQDAg 
| GGMBOGA1UdDgQWBBRwRD 6CLm+H3krTdeM9 I LxDK5PxHzAJBgcghk jOOAQDAzAAMCOCFGup 
8E56Wnn j+b4 9K8kGN+kRF 6ETANUAzZRpKouxPAN51DJNEh/OiftGsjs= 
<CarlDSSSelf.cer 


***CarlRSASelf.cer*** 


|* Example CarlRSASelf.cer 

>CarlRSASelf.cer 
MIIB6zCCAVSgAwIBAgIQRjRrx4AAVrwRO024un/JQIDANBgkqhkiG9wOBAQUFADASMRAwDg 
| YDVOODEwdDYXJsUl1NBMB4XDTk5MDgxODA3MDAwMFOXDTM5MTIzMTIzNTk10VowEjEQMA4G 
|ATUEAxMHQ2FybFJTQTCBnzANBgkqhkiG9wOBAQEFAAOBjQAwgYkCgYEASEv/GLgkV/R3/2 
| 5ze5NxXLwzGpKSciPYQUbQzRE6BLOOr4KdvVEeF 3rydiwrhjmnvdeNG1Ps5ADV60yiNrHt 
| 41DiMgmKP5+ZJY+4Tqu5 fdWWZdoWoMW+Dq5EW+ 9e 9Kcpy4LdrETpqpOUKQ74GNbIV17yds 
TyEWA4uRs8HZfJavECAwEAAaNCMEAwDwYDVROTAOH/BAUWAWEB / zAOBgNVHQ8BAf 8EBAMC 
oe c um e E I 
| ee1ATT7Snk/4mJFS5M2wzwSA8yYe7EBOwSXS3/D2RZfgrD7Rj941Z2AN6CHtfA4EmFQ7e/d 
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|P+MLuGG1pJs85p6cVJq21dbabDulLUU1NUKkBdvg5uTH5+WsSU6D1IFGCLfco+81NrsDdvre 
| Z019v6WuoUQWNdzb7IDsHaaolTNBgC 
|<CarlRSASelf.cer 


***DianeDSSSignByCarlInherit.cer*** 


|* Example DianeDSSSignByCarlInherit.cer 
|»DianeDSSSignByCarlInherit.cer 
ee ee 
k5MDgxNzAyMDgxMFoXDTM5MTIzMTIzNTk10VowEzERMA8GA1UEAXMIRG1hbmVEU1MwgZMw 
| COYHKoZIzjgEAQOBhQACgYEAoAAXeCzufoFTLi5hCA-hmlFSGtpZqHMvEiW2CMvK7ypEdo 
| pSCeq9BSLVD/b9RtevmTgJDhPLTyzdHDT3HL81/yPTO1nngpc3vjEk2BjI80k5W7fi5Sd-* 
|/IxFclt*Po9oTdlGeiK-*jv/M2jkpoznlnOPpVcnXW6aBZ8zAqsO0uxSOjgYEwfzAMBgNVHR 
| MBA£8EA jAAMA4GA1UdDwEB/wQEAwIGwDAfBgNVHSMEGDAWgBRwRD6CLmt*H3krTdeM9ILxD 
| KSPXHzAdBgNVHQAEFgQUZDCZfVzcRQuZOlIvFr9YUN3OKxgwHwYDVRORBBgwFOEURGlhbm 
VEU1NAZXhhbXBsZS53jb20wCOYHKoZIz3jgEAwMwADAtAhUAoRr4Fw4+XaiM9LZVMx5L4yys 
uV8CFChLEEVYOhydVTUUGJGyPznftW7T 

[«DianeDSSSignByCarlInherit.cer 


***DianeRSASignByCarl.cer*** 


* Example DianeRSASignByCarl.cer 

>DianeRSASignByCarl.cer 
|MIICLDCCAZWgAwIBAgIQRjRrx4AAVrwR024ulZowkDANBgkqhkiG9wOBAQUFADASMRAwDg 
| YDVOQDEwdDYXJsUl1NBMB4XDTk5MDgxOTA3MDAwMFOXDTM5MTIzMTIzNTk1OVowEzERMA8G 
| ALUEAxMIRGlhbmVSUOEwgZ8wDQYJKoZIhvcNAQEBBQADgYOAMIGJAOoGBANb9uMBwxkwl70 
| rP6ny7omL680YyO1P/sZJaF/Qg4ZkkggrQ9nz7RMqLJwbxfiYDqXadztygLHCW80NC9t $3 
Ed LT mu 
HbdG1ki0Qd1V3NKMCFAgMBAAG jgYEwf zZAMBgNVHRMBA f 8EA jAAMA4GA1UdDWEB/wQEAwIF 
| 4(DAfBgNVHSMEGDAWgBTp4JAnrHggeprTTPJCN04irp4 4uzAdBgNVHO4EFgQU jPPLdQ6NMf 
| bUKdpEknW4 /u1 POQwwHwYDVRORBBgwFoEURGlhbmVSUOFAZXhhbXBsZS5 jb20wDQYJKOoZI 
[hvcNAQEFBQADgYEAfaYstXhClnnzMf72Q0soPEweSCRvgb7CRGPa/SvvMY3n7gb/d18eQa8 
| sKNytBagO0YxRs+MshFK4YBnBziNu8WwRgqSuL5i+1M+SUcLxLnkK1imBoPwsge7hX7VxtrO 
nHsxctei6kGrasDdH7kURBjPhFdm6MXmuNwtsx8bKEM2dXo- 
<DianeRSASignByCarl.cer 


From Section 2.4 
***CarlDSSCRLForAll.crl*** 


|* Example CarlDSSCRLForAll.crl 

[»CarlDSSCRLForAll.crl 

| MIHYMIGZMAkGByqGSM4 4BAMwE jEQMA4GA1UEAxMHQ2F ybERTUxcNOTkwOD I 3MDcwMDAwW 74 
| BBMBMCAgDIFwOSOTA4MjIwNzAwMDBaMBMCAgDJFw05O0TA4MjIwNzAwMDBaMBMCAgDTFwO05 
| OTA4MjIwNzAwMDBaMBMCAgDSFw05OTAA4MjIwNzAwMDBaMBMCAgDUFw050TA4MjQwNzAwMD 
BaMAkGByqGSM4 4BAMDLwAwLAIUfmVSdjP-M-NHMX0feW-aDU2GIlcfTOCFAJ6W7fVWxjBz4fv 
ftok8yqDnDWh 

[«CarlDSSCRLForAll.crl 
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***CarlDSSCRLForCarl.crl*** 


* Example CarlDSSCRLForCarl.crl 

>CarlDSSCRLForCarl.crl 

| MIGDMEQwCQYHKoZIzjgEAzASMRAwDgYDVOQODEwdDYXJsRENTFwO05OTA4MjUwNZzAwMDBaMB 
|[OwEgIBARCNOTkwODIyMDcwMDAwWjAJBgcghk jOOAQDAzAAMCOCFQCZH8VPe j3sdtVg4d55 
| IuxPsJD- 1wIUWovDhLxmhxu/eYJbClOH9rqpBSk- 

[«CarlDSSCRLForCarl.crl 


***CarlDSSCRLEmpty.crl*** 


|* Example CarlDSSCRLEmpty.crl 

[|»CarlDSSCRLEmpty.crl 

| MGO0wLjAJBgcqhk jOOAQDMBI xEDAOBgNVBAMTBONhcmxEU1MXDTk 5MDgyMDA3MDAWMF owCQ 
| YHKoZIzjgEAwMwADAtAhRiPzYXMVguZ1B59QlLjK3Ua/RknwIVALU7TqFMe/0Pw42btv7D 
XW/eZSh9 

<CarlDSSCRLEmpty.crl 


***CarlRSACRLForAll.crl*** 


|* Example CarlRSACRLForAll.crl 

>CarlRSACRLForAll.crl 
MIIBMzCBnTANBgkqhkiG9wOBAQOFADASMRAwDgYDVQODEwdDYXJSUINBFwO5OTAAMjcwNz 
| AWMDBaMGkwIQIQRjRrx4AAVrwRO24uxBCzsBcNOTkwODIyMDcwMDAwWjAhAhBGNGvHgABW 
| vBHTbi7VmjCQFw050TA4MjIwNzAwMDBaMCECEEYOa8eAAFa8EdNuLslidcdAXDTk5MDgyND 
| A3MDAwMFowDQYJKoZIhvcNAQEEBQADgYEAv7OXqlPwMiEWK3eSemu718jc6vH6ZhYwDrWe 
|[XPCB1F6zbsGla4zUXsVN+0deZvNdq+W0GDZgqE2cPInsbye/NVBxgcK5RFtiiRkSMal7mt 
PMZssR20s0R3etTyLZ5X8w81v8l1FG1WHY7H6hGph/20d5Voe0xiGmXDw3jT1AxgWx4= 
<CarlRSACRLForAll.crl 


***CarlRSACRLForCarl.crl*** 


|* Example CarlRSACRLForCarl.crl 

>CarlRSACRLForCarl.crl 

MIHsMFcwDOYJKoZIhvcNAQEEBQAwWE JEOMA4GA1UEAXMHO2FybFITORCNOTkwODI1MDcwMD 
[AwWjAjMCECEEY0a8eAAFa8EdNuLp/yUCAXDTk5MDgyMjA3MDAwMFowDQYJKoZIhvcNAQEE 
[|BOADgYEAIe8h1MEahZVJa8pFYtzXCf-*pUS602UcY-*vjlctlP7XR04/NI1MmUOLJodV-4XVJg 
|bgleYjlYSNDome7psML84H96PRa4VMD/ /m3fzczXMsHn3csHHFTPwBblJXaR45Y98SIjDH 
[|E1WUBWAqAKlbxCpmlGLONjPCK2NHJZ3z3nDuAFY- 

|<CarlRSACRLForCarl.crl 


***CarlRSACRLEmpty.crl*** 


|* Example CarlRSACRLEmpty.crl 

|>CarlRSACRLEmpty.crl 

MIHHMDIwDOYJKoZIhvcNAQEEBQAwWE JEOMA4GA1UEAXMHO2FybFITORCNOTkwOD IwMDcwMD 
AwWjANBgkqhkiG9wOBAQQFAAOBgQCpxSGA4E3x087UR7ATzIEWGHgtufA4NtX/QOdgZZJQ4E 
|PYgJiIlE3xNwgmPoXgQs3lKy0j3tRiRSky3JzFAe8IpxAoQf8RHyFDwuIOe7hDq/2FnStoa 
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| /BAHUAZOq1mvYLCKLblRIfpqe5O0UUlCg72XoTn*LlayRjCDriglr6BOoBty == 
| «CarlRSACRLEmpty.crl 


Rest of the sections 
***3.].bin*** 


|* Example 3.1.bin 
>3.1.bin 
MIAGCSqGSIb3DOEHAaCAJIAEBFROaXMEGCBpcCyBzb211IHNhbXBsZSBjb2502W50LgAAAA 


|<3.1.bin 


***3.2.bin*** 


* Example 3.2.bin 

>3.2.bin 
|MCSGCSqGSIb3DQEHAaAeBBxUaGlzIGlzIHNvbWUgc2FtcGxlIGNvbnRlbnQu 
«3.2. bin 


***4.1.bin*** 


|* Example 4.1.bin 

[»4.1.bin 

|MIIDlwYJKoZIhvcNAQcCoIIDiDCCA4QCAQExCTAHBgUrDgMCG jArBgkqhkiG9wOBBwGgHg 
|OcVGhpcyBpcyBzb2111HNhbXBsZSBjb250Z2W50LqCCAuAwggLcMIICm6ADAgECAgIAyDAJ 
| Bgcghk jOOAQDMBIxEDAOBgNVBAMTBONhcmxEU1MwHhcNOTkwODE3MDExMDQ5WhcNMzkxMj 
MxMjM10TU5WjATMREWDWYDVQQDEWhBbG1 j ZURTUzCCAbYwggErBgcghk jOOAQBMI IBHgKB 
gQCBjc3tg+oKnjk+wkgoo+RHk90016gO7FPFQ4QIT/+U4XNIfgzW80RI0f6fré6ShiS/h2T 
| DINt4/m7+3TNxfaYrkddA3DJEI1Zvep175/PS£L91DqItU8T+wBwhHTV2 Iw801s+NVCHXV 
| OXYQxHi9/52whJc38uRRG7XkCZZc835b2wI VAOJHphpF ZrgTxt qPuDCchK2KL95PNAOGAJ 4 
| JOFIkyqjn7Pm3ZS11qTHYjOQQCNVzyyxowwx5QXd2bWeLNqgU9WMB70ja4bgevfYpCJaf0 
| dc9KCF5LPpD4beqcySGKO3YU6c4uXaMHzSOFuC8wAXxtSYkRiTZEvfjIlUpTVrXi-XPsGm 
E2HxF/wr3tOVD/mHTCOYFKYDm6NjkDgYQAAoGAXOO5WnUUlgupet3jP6nsrF7cvbcTETSm 
FOokoESPZNIZndXUTEjlDW2/1Ub/6ifKiGz4kfTOHjVtjyLtFpaBKA44XWzgaAP-*gjfhryJK 
| tTGrgnDR7vCL9mF IBcYgx1+hWL8bs01NKWN/ZhR7LEMoTwfkFA/UanY04z8qXi 9PKD5bi 5 
| gYEw£zAMBgNVHRMBAf8EAjAAMAA4GA1UGDWwEB /wQEAwIGwDAfBgNVHSMEGDAWgBRwRD 6CLm 
| +H3krTdeM9ILxDK5PxHzAdBgNVHO4EF gQUvmyhs+PB9+1DcKTOEWHi/eOX/s0wHwYDVROR 
| BBgwFoEUQWxpY2VEU1NAZXhhbXBsZS53jb20wCOYHKoZ1zjgEAwWMwADAtAhRVDKOZH0IriX 
EiM42DarU9Z2u/RQIVAJ9hU1JUC1lyy3drndh3iEFJbQ169MWMwYOIBATAYMBIxEDAOBgNV 
BAMTBONhcmxEUIMCAgDIMACGBSsOAwIaMAkGByqGSMA44BAMELjASAhQJkf7rO0mnlGLfXzV 
| XOgeoqQmqt Awl UOg fMwyG+4RpLfz61Ddu6HOg8zYk= 

|<4.1.bin 
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***4.2.bin*** 


* Example 4.2.bin 

>4.2.bin 

| MIIDUgYJKoZIhvcNAQcCoIIDQzCCAz8CAQExCzAJBgUrDgMCGgUAMCSsGCSqGSIDb3DQEHAa 
[|AeBBxUaGlzIGlzIHNvbWUgc2FtcGxlIGNvbnRlbnQuolICMDCCAiwwggGVoAMCAQICEEYO 
[|a8eAAFa8EdNuLsQOs7AwDQYJKoZIhvcNAQEFBQAwE jEQMA4GA1UEAxMHQ2FybFJTQTAeFw 
[050TA5MTkwMTA4NDdaFwOzOTEyMzEyMzU5SNTlaMBMxETAPBgNVBAMTCEFSsaWNlUINBMIGf 
MA0GCSqGSIb3DQEBAQUAAA4GNADCBiQKBgODgiXM5jdjl9eiHdjl/TrAFulOD3g43q9x9x3 
UpDQUubRLfpoYm1NJvqlgp/Jfs+oJRDzCAvrFOnkZE8Sy72DLPxmhvB9mwYKy+7 jQJahP1 
| 9WUFk99eujVW2WH/GX/Jgeb4bOqHQHDvrG0sdJ8t-41U6uZ13AqZIUOxO81c4V3RXXwIDAQ 
| ABo4GBMH8wDAYDVROTAQH/BAIwADAOBgNVHQ8BAf8EBAMCBsAwHwYDVRO jBBgwFoAU6eCQ 
|J6x4I1Hqa00zyQjdOIq6eOLswHQYDVROOBBYEFHfStNG3TIqKo85Fnc7sPKA64/9Q0MB8GA1 
| UdEQOYMBaBFEFsaWNIUINBQGV4YWiwbGUuY29tMA0GCSqGSIb3DQEBBQUAA4GBADSwR6hI 
| zBNY 38pReWtONhhdBH6AsY1NzMqjj8x9Vsi8z26zHFmpIKoFgahOJa2ncBR1L/XHm9EO6W 
PSZLfGZm5zIVTf9LolXX1J05RrIjZO0c7hK7C9k7dM90qdCxeg3irTbn2fkvZ/5/nTv6vnu 
E d i nM M IA ER d 
| RzxA4AAVrwRO24uxBCzsDAJBgUrDgMCGgUAMA0GCSqGSIb3DQEBAQUABIGALyOCOvMJX7gM 
|WOtOnb-JmoHldcSRPdPQ1Xu21f6UoYqs48SE9clgTieV9s8AhnZIPyvw59QCZ6f1x40WBK 
|WztefZMvAk7-cgRNWfB8VTJPrOAROPFxOnKpWdK4*QDIRQL6TkNus5unJ4M6J jmVRPUaG/Q 
[B9eisWJM44-*v/eDVXcc- 

|<4.2.bin 


***4,3.bin*** 


|* Example 4.3.bin 

|>4.3.bin 
MIIDdwYJKoZIhvcNAQCCOIIDaDCCA2QCAQExCTAHBgUrDgMCGjALBgkqhkiG9wOBBwGggg 
E nc mc mL c Hu T.U 
| DTK5MDgxNzAxMTAOOVoXDTM5MT I zMTIzNTk10VowEzERMA8GA1UEAxMIQWxpY 2VEU1Mwgg 
| GOMIIBKwYHKOoZIzjgEATCCARACgYEAgY3N7YPqCp45PsJIKKPkR5PdDteoDuxTxauECE/ / 
| LOFZSHAMIvNESNH4n64koYkv4dkwyDbeP5u/tOzcX2mK5HXQNwyRCJWb3qde-4 £zOny /dQ6 
| iLVPE/sAcIRO1diMPDtbP jVQh11T12EMR4vf+dsISXN/LkURu1 5AmWXPN+W9SCFQDiR6Ya 
RWa4E8baj7g3IStii/eTzQOKBgCYA40BSJMqo5-*z5t2UtZakx2IzkEAjVc8ssaMMMeUF3dml 
nizaoFPVjAe6I2uGAHr32KQiWn9HXPSgheSz6Q-G3qnMkhijt2FOnOL12jB80jhbgvMAF8 
| BUmJEYk2RL34yJVKU1al4vlz7BphNh8Rf8K97dFQ/5h0wtGBSmA5ujY5AA4GEAAKBgFz juV 
|plFJYLqXrd4z*p7Kxe3L23ExE0phaJKBEj2TSGZ3V1ExI9Q1tv5VG/-*onyohs*JHO9B41b 
| Y8i7RaWgSuOF1s4GgD/oI34a8iSrUxq4Jw0e7wi/ZhSAXGKsZfoVi/G7NNTS1jf2YUeyxD 
| KE8SH5BOP1Gp2NOM/K14vTyg+W404GBMH 8wDAYDVROTAQH/ BA IwADAOBgNVHQ8BAf 8EBAMC 
BsAwHwYDVROjBBgwFoAUCEQ-*gi5vh95K03XjPSC8QyuT8R8WHOYDVROOBBYEFL5sobPjwf 
ftO03CkzhMB4v331/7NMB8GA1UdEQOYMBaBFEFsaWN1RENTOGV4YW1wbGUuY2 9tMAkGByqG 
| SM4 4BAMDMAAWLOTUVOykGR9CK41x13j0Ng2gq1PWdrv0UCFOCfYVNSVAtcst3a53Yd4hBSWO 
| NevTF jMGECAQEwGDASMRAwDgYDVQODEwdDYXJsSRFNTAgIAyDAHBgUrDgMCG jAJBgcqhk jO 
[|OAQDBCAwLAIUBvvHKiTVNIn3i7X9cySlhsgPWmwCFGZpGbxoWNGNsZ1SP90UiA39yaG4 
|<4.3.bin 
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***4.4.bin*** 


* Example 4.4.bin 

>4.4.bin 

| MIILDQYJKoZIhvcNAQCCOIIK/jCCCvoCAQExCTAHBgUrDgMCG jArBgkqhkiG9wOBBwGgHg 
[OcVGhpcyBpcyBzb2111HNhbXBsZSBjb2502W50LqCCB68wgglsMIIBlaADAgECAhBGNGVH 
| JABWVBHTbi 7EELOWMA0GCSqGS Ib3DQEBBQUAMBI xEDAOBgNVBAMTBONhcmxSUOEWHhcNOT 
| kwOTESMDEwODQ3WhcNMzkxM jMxM jM1 OTU5WJATMREWDWYDVQQDEWhBbG1 jZVJTQTCBnzAN 
fe om dl E. 
OFLm0S36aGJtTSb6pYKfyX7PqCUQ8wWwgL6xUJ5GRPEsu9gyz8ZobwfZsGCsvu40CWoT9fcF 
|BZP£XrolVtlh/xl/yYHmtGzqh0Bw76xtLHSfLfpVOrmZdwKmSFKMTvNXOFd0V18CAwEAAa 
| OBgTB/MAwGA1UdEwEB/wQCMAAwDgYDVROPAQH/BAQDAgbAMB8GA1UdIwQYMBaAFOngkCes 
| eCB6mtNM8kI3TiKunji7MBOGA1UdDgQWBBR3O0rTRtOyKiqgPORZ307DygOuP/UDAfBgNVHR 
| EEGDAWgRRBbGI jZVJTQUBleGFtcGxlLmNvbTANBgkqhkiG9wOBAQUFAAOBgQA-4cEeoSMwT 
|WI/KUXFrTjYYXQR-*gLGNTczKo4/MfVbIvM9usxxZqSCqBYGoTiWtp3AUdS/1x5vRDul;jOm 
S3xmZucyFU3/S6JV19SdOUayI2dHO4SuwvZO3TPdKnQsXoN4q0259n5L2f-*f£5074r5"mNq 
Ls UL D Du s i n DE 
| ODEwdDYXJsRFNTMB4XDTk5MDgxN jIyNTA1MFoXDTM5MTIzMTIzNTk10VowEjEQMA4GA1UE 
| AxMHQ2F ybERTUzCCAbcwggErBgcqhk jOOAQBMI IBHgKBgQC2SRg+ikTBKXGUTAHEESF 6ec 
| tUTasegfvGTLMO1AkG6wHUschxS8dFwFA1XZz82uRt 0+KGSISCfboV1UoW9kbt 3faYOrt+ 
|iggqKuhZ7uVABSJOL6yUVUZdV3I9TDhCpUPxwt80wVP3a3qiqIrWhr4vMAo jni3Bfua3hCN 
ee mu MU I E. 


R1k8VgsrWwyRzqViUmnK4W0+vb/+4be5K2E8rcuuReMGrIwinZxEhwvHzfAc2bVOXXPerw 
| 7JHVpR9U9EeTVac6p/RIEfqUIWnEjrinlhtNUvUyJEYx*GuKNYBiX4KcDvuuBl8ELEY2VS 
| mwoDgYUAAoGBAJmHdCcDZqCxwK3cLHW74WxEnNohbUlHbbFiCenYrh7yOrSUsaOOeptxTg 
| CUybQlTrlglhkkAfNiDP51wPvO2GgAA4/3VcE/fIS5YZBpTOsWGPOlexCBGkCyYl8FJ2geoL 
| Yg2VKuaGunKyplCDC6onzRupTYmal40YOYQ/i8VWTYB6o00IwQDAPBgNVHRMBAf8EBTADAQ 
H/MA4GAl1UdDwEB/wQEAwIBhjAdBgNVHQA4EFgQUCEQ-4gi5vh95K03XjPSC8QyuT8R8wCQYH 
KoZIzjgEAwMwADAtAhRrqfBOelp54/m*PSvJBjfpERehEwIVAI80aSqLsTwDeZQyTRIfzo 
[n7RrI7MIIC3DCCApugAwIBAgICAMgwCQYHKOZIz jgEAzASMRAwDgYDVQQDEwdDYXJSRFNT 
| MBAXDTk5MDgxNzAxMTAOOVOXDTMSMTIZzMTIzNTk10VowEzERMA8GAlUEAxMIQWxpY2VEUI 
|MwggG2MIIBKwYHKOZIzjgEATCCARACgYEAgY3N7YPqCp45PsJIKKPkR5PdDteoDuxTxauE 
| CE//10FzSH4M1vNESNH+n6+koYkv4dkwyDbeP 5u/t 0zcX2mK5HXQNwyRCJWb3qde+fz0ny 
/dQ6iLVPE/SAcIRO1diMPDtbP jVQh11T12EMR4vf+dsISXN/LkURu1 5AmWXPN+W9SCFOQDi 
R6YaRWa4E8baj7g3IStii/eTzOKBgCY40BSIMqo5+z5t2UtZakx2IzkEAjJVc8ssaMMMeUF 
| 3dm1nizaoFPVjAe612uG4Hr32KQiWn 9HXPSgheSz6Q0+G3qnMkhi jt 2FOnOL12jB80jhbgv 
| MAF 8bUmMJEYk2RL34yJVKU1al4v1z7BphNh8Rf£ 8K97dFQ/5h0wt GBSmA5u jY5A4GEAAKBgF 
| zjuVp1FJYLgXrd4z+p7Kxe3L2 3ExE0phaJKBE j2TSGZ3V1ExI 9Q1tv5VG/tonyohs+JH09 
|B41bY8i7RaWgSuOF1s4GgD/o0134a8iSrUxq4Jw0e7wi/ZhSAXGKsZfoVi/G7NNTS14£2YU 
ee E E 
BAMCBsAwHwYDVROjBBgwFoAUCEQ-*gi5vh95K03XjPSC8Q0yuT8R8WHOYDVROOBBYEFL5sob 


| P jwfftQ3CkzhMB4v3jl/7NMB8GA1UdEQOYMBaBFEFsaWNlRFNTOGVAYWIwbGUuY29tMAkG 
| ByqGSM4 4BAMDMAAwLOIUVQykGR9CKA41xIjONg2q1PWdrvOUCFQCfYVNSVAtcst3a53Yd4h 
| BSWONevaGB2zCB2DCBmTAJBgcqhk jOOAQDMBIxEDAOBgNVBAMTBONhcmxEU1MXDTk5MDgy 
[|NzA3MDAwMFowaTATAgIAyBCNOTkwODIyMDcwMDAwWjATAgIAyRCNOTkwODIyMDCwMDAWwW 


ATAgIAOxcNOTkwODIyMDcCwMDAwWjATAgIAOhcNOTkwODIyMDCWwWMDAwWjATAgIA1BCNOTkw 
ODIOMDcwMDAwWjAJBgcqhkjOOAQDAy8AMCWCFH51UnYz/jRzF9H31vmglNhtXHO09AhQCel 
| u31VsYwc*H737aJPMqg5w10TGCAiowggImAgEBMBgwEjEQMAA4GA1UEAxMHQ2FybERTUWIC 
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| AMgwBwYFKw4DAhqgXTAYBgkqhkiG9w0BCQMxCwY JKoZ IhvcNAQcBMBwGCSqGS Ib3DQEJBT 
| EPFwOwMzA1MTQxNTM5MDBaMCMGCSqGS Ib3DQEJBDEWBBRAauwlUnm6bhYCLZ4GKcAilofd 
SDAJBgcqhkjOOAQDBCAwLAIUO6XgStttWOAZOQACTOSaV3pxZmgCFBoRmNYfH680gOHevo 
vctqhqkWkToYIBYjAtBgsqhkiG9wOBCRACBDEvMCOMIENvbnRlbnOgSGludHMgRGVzY3Jp 
| cHRpb24gQnVmZmVyBgkqhkiG9wOBBwEwggEeBgkghkiG9wOBCQYxggEPMIIBCwIBATAmMB 
| IXEDAOBgNVBAMTBONhcmxSUOECEEYOa8eAAFa8EdNuLsQOs7AwBwYFKw4DAhqgQzAcBgkq 
| hkiG9wOBCQUxDxcNMDMwNTEOMTUZOTAwWjAjBgkqhkiG9wOBCQOxFgQUAl9JT jmYUIWzZt 
|OKH3ueaar72DMwDQYJKoZIhvcNAQEBBQAEgYBtqiAk7XrupV6H3XUfK1QQZfTOm7EseHS8 
ixxgtduLA55J8it/k249iRTJA42v09nl12rj5YH5u7vHwwGUA4Q9wLxilu025q7k7QYOMwryZ 
Gprd1G+GWp4nGVONROH810b4LoN2 9aPcvH1F/CgBva0 4RAaF 9WmmL10w1 sM8Pt Zz 9Dvw== 
|<4.4.bin 


***4.5.bin*** 


|* Example 4.5.bin 

24.5.bin 
MIAGCSqGSIb3DOEHAqCAMIACAQEXxXCZAJBgUrDgMCGgUAMIAGCSqGSIDb3DQEHAaCAJIAEBF 
| RoaXMEGCBpcyBzb2111HNhbXBsZSBjb250Z2W50LgAAAAAAAKCAMIIB6zCCAVSgAwIBAgIQ 
| RJREx4AAVrwRO24un/JQIDANBgkghkiG9wOBAQUFADASMRAwDgYDVQODEwdDYXJsUlNBMB 
| AXDTkK5MDgxODA3MDAwMFOXDTMS5MTIzMTIzNTk1OVowEjEQMAA4GA1UEAxMHQ2FybFJTQTCB 
| nzANBgkqhkiG9wO0BAQEFAAOBjQAwgYkCgYEASEv/GLgkV/R3/25ze5NxXLwzGpKSciPYQU 
und E c E rs 
fdaWWZdoWoMW+Dq5EW+ 9e 9Kcpy4LdrETpqpOUKQ7 4GNbIV17ydsTyEWA4uRs 8HZfJavECAw 
| EAAAaNCMEAwDWYDVROTAQH/ BAUWAWEB / ZAOBgNVHQ8BA £f 8EBAMCAY YwHQYDVROOBBYEFOng 
|kCeseCB6mtNM8kI3TiKunji7MA0GCSqGSIb3DQEBBQUAAAGBALeelATT7Snk/A4mJFS5M2w 
| zwSA8yYe7EBOwWSXS3/D2RZfgrD7R3j941ZAN6cHt fA4EmFQ7e /dP *MLuGGlpJs85p6cVJq2 
| 1dbabDulLUU1nUkBdvq5uTH54WsSUG6DlFGCbfco*81NrsDdvreZ019v6WuoUQWNdzb7IDs 
HaaolTNBgCMIICLDCCAZWgAwIBAgIORjRrx4AAVrwRO24uxBCzsDANBgkqhkiG9wOBAQUF 
ADASMRAwDgYDVQOODEwdDYXJSUINBMBA4XDTk5MDkxOTAxMDgON1OXDTM5MTIZMTIZzNTk1OV 
| owEzERMA8GA1UEAxMIQWxpY2VSUOEwgZ8wDQYJKoZIhvcNAQEBBQADgYOAMIGJAoGBAOCJ 
| czmN2PX161d20X 90sAW7U4PeD 7er3H3HdSkNBS5tEt +mhibU0m+qwCn81+z6g1lEPMICtsV 
| CeRkTxLLvYMs /GaG8H2bBgrL7uNAlqE /X3BQWT3166NVbZYf8Zf8mB5vhs6odAcO+sbSx0 
[ny36VTq5mXcCpkhS jE7zVzhXdFdfAgMBAAG jgYEwf zAMBgNVHRMBA f 8EA jAAMA4GA1UdDw 
oe ee c M 
d9K00bdMioqjzkWdzuw8oDrj/l1AwHwYDVRORBBgwFoEUQWxpY2VSUOFAZXhhbXBsZS5jb2 
| OwDQYJKoZIhvcNAQEFBQADgYEAPnBHqEjMEliPylFxa042GFOEfoCxjU3MyqOPzHlWyLzP 
|brMcWakgqgWBqE41radwFHUv9ceb0Q7pY9Jkt8ZmbnMhVN/0uiVdfUnTlGsiNnRzuErsL2 
| TEOZ3SpOLF6DeKtNufZ-4S9n/n*dO/q*e5jatg/SyUJtdgadq7rm9tJsCIAADGByzCByAIB 
| ATAmMB I xEDAOBgNVBAMTBONhcmxSUOECEEY 0a8eAAF a8EdNuLsQQs 7AwCQYFKw4DAhoFAD 
cuu ee 
hPXNYEAnlfbPAIZ2dT8r80fUAmen9ceNFgSls7Xn2TLwJO/nIETVnwfFUyT6zgEdDxcTpy 
| qVnSvkA5UUC-*k5DbrObpyeDOiYSlUT1GhvOAfXorFiTOOPr/3g1V3HAAAAAAAA 
|<4.5.bin 
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***4.6.bin*** 


* Example 4.6.bin 

>4.6.bin 

|MIIFtwYJKoZIhvcNAQcCoIIFqDCCBaQCAQExCTAHBgUrDgMCG jArBgkqhkiG9wOBBwGgHg 
[OcVGhpcyBpcyBzb2111HNhbXBsZSBjb250ZW50LqCCBJwwggG4MIIBd6ADAgECAgIA0jAJ 
| Bgcqhk jOOAQDMBIxEDAOBgNVBAMTBONhcmxEU1MwHhcNOTkwODE3MDIwODEwWhcNMzkxMj 
[|MxMjM1OTU5WjATMREwDwYDVQODEwhEaWFuZURTUzCBkzAJBgcqhkjOOAQBAA4GFAAKBgQCg 
Eu cu da i I 
tPLNOcNPccvyX/I9M7WeeClze-*MSTYGMjzSTlbt-*L1J378jEVyW34-j2hN3UZ6Ir60/8za 
|OSmjOeWfQ-1VyddbpoFnzMCqzS7FI6OBgTB/MAwGA1UdEwEB/wQCMAAwDgYDVROPAQH/BA 
| ODAgbAMB8GA1UdIwQYMBaAFHBEPoIub4feStN14z0gvEMrk/EfMBOGA1UdDgQWBBRKkMJI9 
| XNXFC5k6Ui8Wvl1hQ3c4rGDAfBgNVHREEGDAWgRREaWFuZURTUOBleGFtcGxlLmNvbTAJBg 
| cdhk jOOAQDAzAAMCOCFQChGvgXD j5dqIzOtlUzHkvjLKy5XwIUKESQRVjSHJ1VNRQYKkDI / 
| Od+ 1bt MwggLcMI ICm6ADAgECAg IAyDAJBgcqhk jOOAQDMBIxEDAOBgNVBAMTBONhcmxEU1 
uu ee ee 
UzCCAbYwggErBgcghk jOOAQBMI IBHgKBgOCBjc3tg+oKn3jk+wkgoo+RHk90016g07FPFq4 
|[QIT/+U4XNIfgzWSORIOf6fr6ShiS/h2TDINt4/m7+3TNxfaYrkddA3DJE11Zvep175/PSf 
|L91DqItU8T-wBwhHTV21w801s*NVCHXVOXYQxHi 9/52whJc38uRRG7XkCZZc835b2wIVAO 
| JHphpFZrgTxtqPuDchK2KL95PNAOGAJ jjOFIkyqjn7Pm3Z2S11qTHY jOQQCNVzyyxowwx5Q 
| Xà2bWeLNqgU9WMB70ja4bgevfYpCJafÜdc9KCF5LPpD4beqcySGKO3YU6c4uXaMHzSOFuC 
p uc mcd cA T 
XOO5WnUUlgupet3jP6nsrF7cvbcTETSmFokoESPZNIZndXUTEjlDW2/1Ub/6ifKiGz4kfT 
| OHjVt jyLCtFpaBK44XWzgaAP-4gjfhryJKtTGrgnDR7vCL9mFIBcYqxl-hWL8bsOlNKWN/Zh 
| R7LEMoTw£kFA/UanYO4z8qXi9PKD5bi jgYEwfzAMBgNVHRMBAf8EA jAAMA4GA1UGDwEB /w 
| OEAwIGwDAfBgNVHSMEGDAWgBRwRD6CLm-*H3krTdeM9ILxDK5PxHzAdBgNVHOA4EFgQUvmyh 
| s+PB9+1DCcKTOEwWHi / e0X/ sOwHwYDVRORBBgwFoEUQWxpY2VEUINAZXhhbXBsZ85jb20wCQ 
E cuu iu Sc im 
EFJbQ169MYHGMGECAQEWGDASMRAwDgYDVOODEwdDYXJsSRENTAgIAyDAHBgUrDgMCGjAJBg 
| cqhk jOOAQDBC4wLAIUSCTei 4XyFq/sgmGpVNAt BKHMWk8CFBft1XcC7nUT2BC9PZCXITi7 
| /XuBMGECAQEwGDASMRAwDgYDVQQDEwdDYXJsRFNTAgIAO jAHBgUrDgMCG jAJBgcqhk jOOA 
| ODBC4wLAIUF£+BTYyt gE6bNVgEN25 jbulbg/oCFAZ+WE4 rMYRB7U150D530gaMdQgh 
|<4.6.bin 


***4.7.bin*** 


|* Example 4.7.bin 

|>4.7.bin 
[|MIIDlAYJKoZIhvcNAQcCoIIDhTCCA4ECAQMxCTAHBgUrDgMCGjArBgkqhkiG9wO0BBwGgHg 
OcVGhpcyBpcyBzb21lIHNhbXBsZ5SBjb250Z2W50LqCCAuAwggLcMIICm6ADAgECAgIAyDAJ 
BgcqhkjOOAQDMBIXEDAOBgNVBAMTBONhcmxEUIMwHhcNOTkwODE3MDExMDQ5WhcNMzkxMj 
| MxMjM1OTU5WjATMREwDwYDVQODEwhBbGl jZURTUzCCAbYwggErBgcghk jOOAQBMIIBHgKB 
| gOCBjc3tg+oKnjk+wkgoo+RHk90016yg07FPFq4Q1T/+U4XNIfgzW80RIOf6fr6shiS/h2T 
|DINt4/m7+3TNxfaYrkddA3DJEI1Zvep175/PSfL91DqItU8T+wBwWhHTV21w801s+NVCHXV 
| OXYOxHi9/52whJc38uRRG7XkCZZc835b2wIVAOJHphpFZrgTxtqPuDchK2KL95PNAOoGAJj 
jOFIkyqjn7Pm3Z2S11qTHYjOQOCNVzyyxowwx5OQXd2bWeLNqgU9WMB70ja4bgevfYpCJaf0 
dc9KCF5LPpDA4beqcySGKO3YU6c4uXaMHzSOFuC8WAXxtSYkRiTZEvfjllUpTVrXi-*XPsGm 
| E2HxF /wr3tOVD/mHTCOYFKYDm6NjkDgYQAAoGAXOO5WnUUlgupet3jP6nsrF7cvbcTETSm 
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|FokoESPZNIZndXUTEjlDW2/1Ub/6ifKiGz4kfTOHjVtjyLtFpaBKA44XWzgaAP-*gjfhryJK 
|[tTGrgnDR7vCL9mFIBcYqx1+hwWL8bs01NKWN/ZhR7LEMoTwfkFA/UanY04z8qXi9PKD5bi 5 
gYEwf zAMBgNVHRMBA f 8EA jAAMA4GA1 UdDWEB/wQEAw I GwDAfBgNVHSMEGDAWgBRwRD6CLm 
+H3krTdeM9ITLxDK5PxHzZAdBgNVHO4EF gQUvmyhs+PB9+1DcKTOEWHi/eOX/sOwHwYDVROR 
| BBgwFoEUQWxpY2VEUINAZXhhbXBsZ$5 jb20wCQYHKoZIzjgEAwMwADAtAhRVDKQZHOIriX 
| EiM42DarU9Z2u/RQIVAJ9hU1LJUCLyy3drndh3iEFJbQ1 6 9MWAWXgIBA4AUvmyhs+PB9+1D 
| CKTOEWHi /eO0X/s0wBwYFKw4DAhowCQYHKoZ1z jgEAWQVMCOCFQCJw2t 7VvfDEgB18Tf1xF 
| gXjRFXgwIUCw9DOqrs3nphLIyc9UGZpzwgw7c- 

|<4.7.bin 


***4.8.eml*** 


|* Example 4.8.eml 

[»4.8.eml 

| TULNRS1WZXJzaW9uOiAxLjAKVG861FVzZXIyQGVAYWlwbGVzLmNvbQpGcem9tOiBhbGljZU 
M c Dc c EE MC 
MDkwNjAwMjUIMDMwMCAyNDlAZXhhbXBsZXMuY29tPgpEYXRlOiBGcomksIDA21FNICCAyMD 
[|AyIDAwOjI10jIxICOwMzAwIApDb250ZW50LVR5CGU6IGl1l1bHRpcGFydC9zaWduZWQ7CiAg 
| ICBEaWNhbGc9UOhBMTsKICAgIGJvdW5kYXJ5PSItLSOtPV90ZXh0Qm91bmRyeV9fX19Gcm 
[ksXzA2X1NICcF8yMDAyXzAwOjI10jIxIjsKICAgIHByb3RvY29sPSJhcHBsaWNhdGlvbi9w 
|a2NzNylzaWduYXRlcmUiCgpUaGlzIGlzIGEgbXVsdGktcGFydCBtZXNzYWdlIGluIEl1JTU 
o EL MM Qu M 
OjI10jIxCgpUaGlzIGlzIHNvbWUGgc2FtcGxlIGNvbnRlbnQuCiOtLSOtLT1fTmVAdEJvdW 
|5kcnlfX19fRnJpLF8wNl9TZXBfMjAwMl8wMDoyNToyMQpDb250ZW50LVR5cGU6GIGFwCGxp 
| Y2F0aW9uL3BrY3M3LXNpZ25hdHVyZTsgbmFtZT1zbWltZS5wN3MKQ29udGVudClUcemFuc2 
|ZlcilFbmNvZGluZzogYmFzZTYOCkNvbnRlbnQtRGlzcG9zaXRpb2461IGFO0dGF jaG11bnQ7 
| IGZpbGVuYW11PXNt aW11LnA3cwoKTU1JRGR3WUpLb1pJaHZ jTKFRYONVSULEYURDQOEYyUU 
oe EE uu A 
ZOF3SUJBZOIDQU1ndONRWUhLb1pJempnRUF6QVNNUkF3RGdZRFZRUURFGd2REWVhKClJGTl 
| RROjRYRFRrNUIEZ3hOekFA4Ck1UQTBPVm9YRFRNNUIUSXpNVEl6TIRrMU9Wb3dFekVSTUEA 
| ROExVUVBeE1JUVd4cFkyVkVVMU13Z2dHMk1JSUJLdllIS29aSXpqZOUKQVRDQO0FSNENnWU 
|VBZIkzTjdZUHFDcDQ1UHNKSUtLUGtSNVBkRHRIbOR1eFRAYXVFQOUvL2xPRnpTSDRNMXZO 
|RVNOSCtuNitrbllrdgo0ZGt3eURiZVAldS90MHpjWDJtSzVIWFFOd31SQ0pXY jNxZGUrZn 
owbnkvZFE2aUxWUEUvcOFjSVIwMWRpTVBEdGJQalZRaDEXxVGwyCkVNUjR2ZitkcOlTWE4v 
TGtVUnUxNUFtVI1hQTitXOXNDRlFEaVI2WWFSV2EORThiYWo3ZzNJU3RpaS91VHpRSOJnQl 
|kOMEJTSk1xbzUKK3oldDJVdFpha3gySXprRUFqVmMA4c3NhTU1NZVVGM2RtMW5pemFvR1BW 
| akFINkkydUcOSHIzMktRaVduOUhYUFNnaGVTe jZRKO0czcQpuTWtoaWpOMkZPbk9MbDJqQj 
| gwamhiZ3ZNQUYAYlVtSkVZazJSTDMOeUpWS1UxYTEOdmx6NOJwaE5oOFJmOEs5N2RGUS81 
| aDB3dEdCCINtQTV1alkl1QTRHRUFBSOJnRnpqdVZwMUZKWUxxWHJkNHorcDdLeGUzTDIzRX 
ee cM. 
YVdnU3VPRjFzNEdnRC9vSTMOYThpU3JVeHEOSncwZTd3aS9aaFNBWEdLclpmbl1Z2pLOc3Tk 
| SUUwpsamYyWVVleXhESOU4SDVCUVAxR3AyTk9NLOtsNHZUeWcrVzRvNEdCTUg4dORBWURW 
[UjBUQVFILOJBSXdBREFPOmdOVkhROEJBZ jhFCkJBTUNCCOF3SHdZRFZSMGpCQmd3Rm9BVW 
|NFUStnaTV2aDk1SzAzWGpQUOMA4UXl1VDhSOHdIUVIEVlIwTOJCWUVGTDVzb2JQandmZnQK 
[UTNDa3poTUIOdjNqbC83Tk1COEdBMVVkRVFRWUICYUJGRUZzYVdObFJGTlRRR1YOWVoxd2 
o E 
UF dkcnYwVUNGUUNmWVZOU1 ZBdGNzdDNhNTNZZDROQINXME51d1RGak1HRUNBUUV3CkdEQV 
| NNUKF3RGdZRFZRUURFd2REWVhKc1JGTIRBZOlBeURBSEUnVXJEZO1DR2pBSkJnY3Foa2pP 
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| TOFRREJDNHdMQUIVTS9tR2Y222sKZ23A5WjBYdFJkR21tSmVCLOJA4VUNGROZGSnF3WVJOMV 
| dZYOLPUW9HaWFvd3FHelZJCgotLSO0tLS09X051eHRCb3VuZHJ5X19fXO0ZyaSxfMDZfU2Vw 
XzIwMDJfMDA6MjU6MjEtLQo- 

<4.8.eml 


***4.9.eml*** 


|* Example 4.9.eml 

>4.9.eml 
TUINRSiWZXJzaW9uOiAxLjAKVG86IFVzZXIyQGVAYWlwbGVzLmNvbOpGcm9tOiBhbGljZU 
|RzcOBleGFtcGxlcy5jb20KU3ViamVjdDogRXhhbXBsZSAO0LjkKTWVzc2FnZS1JZDogPDAy 
| MTAzMTE2NDUOMDMwMC4 zMDRAZXhhbXBsZXMuY29tPgpEYXRlOiBUaHUsIDMxIE9 jdCAyMD 
|AyIDE20jQ10jE0ICOwMzAwIApDb250ZW50LVR5cGUGIGFwCGxpY2FO0aW9uL3BrY3M3LWlp 
| bWU7 IHNtaWllLXR5cGU9c21nbmVkLWRhdGE7CiAgICBuYWllPXNtaWllLnA3bQpDb250ZW 
| 5SOLVRyYW5zZmVyLUVuY29kaW5nOiBiYXNlNjQKQ29udGVudClEaXNwb3NpdGlvbjogYXRO 
YWNobWVudDsgZmlsZW5hbWU9c21pbWUucDdtCgpNSULIEbVFZSktvWklodmNOQVFjQ29JSU 
e qu E E 
| CGFHbHpJR2x6SUhOdmJXVWd jMkZ0YOdAbElHTnZiblJsYm5RdW9JSUMORENDQXR3d2dnS2 
| JvQU1DQVFJQOFnREINQWtHQnlxR1NNNDQKQkFNdOVqRVFNOTRHQTFVRUFA4 TUhRMkZ5YkVS 
| VFV6QWVGdzAlTIRBNEl1UY3dNVEV3TkRsYUZ3MHpPVEVS5TXpFeU16VTVOVGxhTUJNeApFVE 
|FOQOmdOVkJBTVRDRUZzYVdObFJGTlRNSUlCdGpDQOFTcOdCeXFHUOO0NEJBRXdnZOVl1QW9H 
OkFJRO56ZTJENmdxZU9UNONTQ21qCjVFZVQzUTdYcUE3C1UAV3JoQWhOLzVUaGMwaCtETm 
J6UkVqUi9wK3Z2wSOdKTCtIWk1NZzIzaitidjdkTTNGOXBpaVIxMERjTWCtRaVYKbTk2b1h2 
[bjg5Sjh2M1VPb2kxVHhQNOFIQOVkTlhZakR3N1d6NDFVSWRkVTVkaERFZUwzL25iQ0Vsem 
| Z5NUZFYnR1UUpsbHp6Zmx2YgpBaFVBNGtlbUdrVmllQlBHMm8rNE55RXJZb3YzazgwQ2dZ 
| OWIPTkFVaVRLcU9mcytiZGxMV1dwTWRpTTVCQUkxWFBMTEdqRERIDEJkC jNadFo0czJxQl 
|OxWXdIdWlOcmh1QjY5OWlrSWxwLlIxejBvSVhrcytrUGhONnB6SklZbzdkaFRwemk12G93 
Zk5JNFCOTHpBOmZHMUOKaVJHSk5rUzkrTWlWU2xOV3RlTDVjK3dhWVRZZkVYLON2ZTNSVV 
ArWWRNTFJnVXBnT2JvMk9RTOJoQUFDZIlCYzQ3bGFkUlNXOzZsNgozZUOvcWV5clhOeTl0 
|eE1STkt ZV21TZ1JJOWswaGlkMWRSTVNQVUSiYitWUnYvcUOo4cUliUGlSOVBRZU5XMIBJdT 
| BXbG9FcmpoZGJPCkJvQS82Q04rR3ZJa3ExTWF1Q2NOSHUASXYyWVVnRnhpckdYNkZZdnhl 
| e1RVMHBZMzltRkhzclF5aFBCK1FVRDlScWRqVGpQeXBlTDAKOG9QbHVLTOJnVEIvTUF3RO 
| EXVWRFdOVCL3dRQO1BQXdEZ1l1EVIIwUEFRSC9CQVFEQWdiQU1COEdBMVVkSXdRWUICYUFG 
SEJFUG9JdQOpiNGZl1U3ROMTR6MGd2RUlyay9FZk1CMEdBMVVkRGdRVOJCUytiSOd6NDhIMz 
Ero iu TU T T 
| YOd4bExtTnZiVEFKQmdjcWhrak9PQVFEQXpBQUIDMENGRIVNCEJrZlFpdUpjU016allOcX 
| RUMWAKYTCSRkFoVUFuMkZUVWxRTFhMTGQydWQy SGVJUVVSdERYc jBAWXpCaEFnRUJNQmd3 
| RRHpFUU1BNEdBMVVFQXhNSFEyRnliRVJUVXdJQwpBTWd3QndZRkt3NERBaG93Q1FZSEtvWk 
|16amdFQXdRdU1DdONGRDFjUlc2TElVRnplWGxlM11JNVNLUOJlci9zQWhRbUNxN3MvQ1RG 
CkhPRWpnOVN1VWpiTXB4NWc20T09Cg== 

<4.9.eml 


***4.10.bin*** 


|* Example 4.10.bin 

>4.10.bin 
MIIH/wYJKoZIhvcNAQcCOIIH8DCCB-*wCAQExCTAHBgUrDgMCGjArBgkqhkiG9wOBBwGgHg 
[OcVGhpcyBpcyBzb2111HNhbXBsZSBjb250Z2W50LqCCAuAwggLcMIICm6ADAgECAgIAyDAJ 
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| Bgcqhk jOOAQDMBIxEDAOBgNVBAMTBONhcmxEU1MwHhcNOTkwODE3MDExMDQ5WhcNMzkxMj 
| MxM3jM1O0TUSWjJATMREWDWYDVQQDEwhBbG1 j ZURTUzCCAbYwggErBgcghk jOOAQBMI IBHgKB 
gQCBjc3tg+oKnjk+wkgoo+RHk90016gO7FPFQ4QIT/+U4XNIfgzW80RI0f6fré6ShiS/h2T 
DINt4/m7+3TNxfaYrkddA3DJEI1Zvep175/PSfL91DqItU8T+wBwhHTV21w801s+NVCHXV 
| OXYOxHi9/52whJc38uRRG7XkCZZc835b2wIVAOJHphpFZrgTxtqPuDchK2KL95PNAOoGAJj 
| JOFIkyqjn7Pm3ZS11qTHYjOQOCNVzyyxowwx5QXd2bWeLNqgU9WMB70ja4bgevfYpCJaf0 
| dc9KCF5LPpD4beqcySGKO3YU6c4uXaMHzSOFuC8wAXxtSYkRiTZEvfjIlUpTVrXi-XPsGm 
| E2HxF /wr3t OVD/mHTCOYFKYDm6N jkDgYQAAoGAXOO5WnUUlgupet3jP6nsrF7cvbcTETSm 
FOokoESPZNIZndXUTEjlDW2/1Ub/6ifKiGz4kfTOHjVtjyLtFpaBKA44XWzgaAP-*gjfhryJK 
tTGrgnDR7vCL9mFIBcYqxl-hWL8bsOlNKWN/ZhR7LEMOTwfkFA/UanYO04z8qXi9PKD5bi]j 
| gYEw£zAMBgNVHRMBAf8EAjAAMAA4GA1UGDWwEB /wQEAwIGwDAfBgNVHSMEGDAWgBRwRD 6CLm 
| +H3krTdeM9ILxDK5PxHzAdBgNVHO4EFgQUvmyhs+PB9+1DcKTOEwWHi / eOX/sOwHwYDVROR 
| BBgwFoEUQWxpY2VEUINAZXhhbXBsZ$5 jb20wCQYHKoZIzjgEAwMwADAtAhRVDKQZHOIriX 
| E3M42DarU9Z2u/RQIVAJ9hU1JUClyy3drndh3iEFJbQ169MYIEyTCCBMUCAQEwGDASMRAw 
| DgYDVQQDEwdDYXJsRFNTAg IAyDAHBgUrDgMCGqCCBF 8wGAY JKoZ IhvcNAQkDMQsGCSqGSI 
oec ii 
Li1RoaXMgaXMgYSBOZXNOIEdlbmVyYWwgOVNOIEFOdHJpYnVOZSwgbnVtYmVyIDEuMDA4GCy 
| qGSIb3DQEJEAIEMS8wLQwgQ29udGVudCBIaW50cyBEZXNjomlwdGlvbiBCdWZmZXIGCSqG 
| SIb3DQEHATBKBgkqhkiG9w0BCQ8xPTA7MACGBSODBAUGMDAGBi oDBAUGTQQmU2 1pbWUgQ2 
| FwYWJpbGlOaWVzIHBhcmFtZXRlcnMgYnVmZmVyIDIwbQYLKoZIhvcNAQkQAgIxXjFCcAgEB 
[BgcgAwQFBgcIExtUSElTIElTIEEgUFJJVkFDWSBNQVJLIFRFUIQxMTAvgAggAwQFBgeGeK 
poc M ió 
YDBeBgUqAwQFBgOrQ29udGVudCBSZWZzlcmVuY2UgO29udGVudCBJZGVudGlmaWVyIEJ1Zm 
|Z1cgQoQ29udGVudCBSZWZlcmVuY2UgU21nbmFOdXJlIFZhbHVlIEJl1ZmZlcjBzBgsqhkiG 
| 9WOBCRACCzFkoGIwWjELMAkGA1UEBhMCVVMxF jAUBgNVBAoTDVVTIEdvdmVybm1lbnQxET 
| APBgNVBAsTCFZEQSBTaXRIMQwwCgYDVQOLEwNWREExE jAQBgNVBAMTCURhaXNSIFJTQOIE 
| CLVEMzCB/AYLKoZIhvcNAQkQAgMxgewwgekwgeYEBzU3MzgyOTkYDzE5OTkwMzExMTAOND 
ovd MEC Ib uU aui 
DwYDVQOLEwhWREEgU210ZTEMMAOGA1UECxMDVkRBMRcCwFQYDVQODEw5CdWdzIEJ1bm55IE 
| RTOaRhMF8xCzAJBgNVBAYTAlVTMRYwFAYDVQOKEwlVUyBHb3Z1cm5tZW50MREwDwYDVQOL 
| EwhWREEgU210ZTEMMAoGA1UECxMDVkRBMRcwFQYDVQODEw5FbG11ciBGdWRkIERTQTCCAQ 
| IGCyqGSIb3DQEJEAIJMYHyMIHvMXICAQEGByoDBAUGBwkTJkVRVUlWQUXxFTlQgVEhJUyBJ 
| UyBBIFBSSVZBQlkgTUFSSyBURVNUMTwwOOAIKgMEBOQYHhnihLhMsRVFVSVZBTEVOVCBUSE 
oc nq c qun du 
TEVOVCBUSEITIEITIEEgUOVDTOSEIFBSSVZBOIkgTUFSSyBURVNUMTwWWOOAIKgMEBOYHhn 
| ihLhMsRVFVSVZBTEVOVCBUSELlTIElTIEEgVEVTVCBTRUNVUK1UWS1DQVRFRO9SWS4wCQYH 
| KoZIz jgEAwQvMCOCFQC8MzdlxPdwXBdJE6pMhcq7UpFIWQIUYSaiFIvPV96wSF9sZN2EBE 
| 1£HMo- 

|<4.10.bin 


***4.11.bin*** 


|* Example 4.11.bin 

[»4.11.bin 
|MIIGiAYJKoZIhvcNAQcCoIIGeTCCBnUCAQExADALBgkqhkiG9wOBBwGgggV/MIICmzCCAl 
qgAwIBAgIBATAJBgcqhkjOOAQDMBIxEDAOBgNVBAMTBONhcmxEU1MwHhcNOTkwODE2MjI1 
MDUwWhcNMzkxMjMxMjM1OTU5WjASMRAwDgYDVQODEwdDYXJSRFENTMIIBtzCCASSGByqGSM 
| 44BAEwggEeAoGBALZJGD 6KRMEpcZRMAcQSwXp5y 1RNgx 6B+8 ZMsw6UCQbrAdSxyHFLx0XA 
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| UCVdnPza5G3T40ZIhIJ9uhWVShb2Ru3d9pjSu36KCoq6Fnu5UAFIkAvrJRVRl1XcjlMOEK 
| 1Q/HC3zTBU/dreqKoitaGvi 8wCiOeLcF+5reEI1G0pLdbpAhUA3cEv31P0CzRgdz4CpL+K 
XZi5ENUCGYAM7 lebS73atgdqdDdPVX+d7bxhDet GWTxWCytbDJHOpWJSacrhbT69v/7ht7 
krYTyty65F4was JCKGnESHC8£N8BzZtU5dc96vDskdW1H1TORSNVpzqn9GUR+pQhacSouKk 
| eWGO1S9TIkRjH4a401gGJfgpwO-64HXwQsRjZVKbCgOBhQACgYEAmYd0JwNmoLHArdwsdb 
| vhbESc2iFtTUdtsWIJ6diuHvI6tJSxo456m3FOAJTJtCVOuWCWGSQB82IM/nXA487YaADj 
|/dVwT98jlhkGIPSxYY86V7EIEaQLJiXwUnaB6gtiDZUq5oa6crKnUIMLqifNG61NiZrXjR 
[g5hD-LxVZNgHqjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVROPAQH/BAQDAgGGMBOGA1Ud 
Eoo uu S de e 
49K8kGN*kRF6ETAhUAjzRpKouxPAN5IDJNEh/OiftGsjswggLcMIICm6ADAgECAgIAyDAJ 
| Bgeqhk jOOAQDMBIxEDAOBgNVBAMTBONhcmxEU1MwHhcNOTkwODE3MDExMDQ5WhcNMzkxMj 
[MxMjM1OTU5WjATMREwDwYDVQODEwhBbGljZURTUzCCAbYwggErBgcqghk jOOAQBMIIBHgKB 
| gQCBjc3tg*oKnjk-*wkgoo*RHk90016gO7FPFq4QIT/*UAXNIfgzW80RIOf6fr6ShiS/h2T 
|DINt4/m7*3TNxfaYrkddA3DJEIlZvepl175/PSfL91DqItU8T-wBwhHTV2IWB8O1s-NVCHXV 
| OXYOxHi9/52whJc38uRRG7XkCZZc835b2wIVAOJHphpFZrgTxtqPuDchK2KL95PNAOoGAJj 
jOFIkyqjn7Pm3Z2S11qTHYjOQOCNVzyyxowwx5OQXd2bWeLNqgU9WMB70ja4bgevfYpCJaf0 
dc9KCF5LPpDA4beqcySGKO3YU6c4uXaMHzSOFuC8WAXxtSYkRiTZEvfjllUpTVrXi-*XPsGm 
| E2HxF /wr3t OVD/mHTCOYFKYDm6N jkDgYQAAoGAXOO5WnUUlgupet3jP6nsrF7cvbcTETSm 
|FokoESPZNIZndXUTEjlDW2/1Ub/6ifKiGz4kfTOHjVtjyLtFpaBK44XWzgaAP-*gjfhryJK 
|[tTGrgnDR7vCL9mFIBcYqx1+hWL8bs01NKWN/ZhR7LEMoTwfkFA/UanY04z8qXi9PKD5bi 3 
| gYEwfzAMBgNVHRMBAf 8EA jAAMA4GA1UdDWEB/wQEAw1 GwDAf BgNVHSMEGDAWgBRwRD 6CLm 
+H3krTdeM9ITLxDK5PxHzZAdBgNVHO4EF gQUvmyhs+PB9+1DcKTOEWHi/eOX/sOwHwYDVROR 
BBgwFoEUQOWxpY2VEU1NAZXhhbXBsZS53]b20wCOYHKoZ1Iz3j]gEAwMwADAtAhRVDKOZHOIriX 
| E3M42DarU9Z2u/RQIVAJ9hU1JUClyy3drndh3iEFJbQ1690YHbMIHYMIGZMAkGByqGSM44 
| BAMwE jEQMA4GA1UEAxMHQ2FybERTUxCNOTkwODI3MDcwMDAwW;jBpMBMCAgDIFw05O0TAA4Mj 
| IWNzZAwMDBaMBMCAgDJFwO05OTA4MjIwNzAwMDBaMBMCAgDTFw05OTA4MjIwNzAwMDBaMBMC 
| AgDSFw05OTA4MjIwNzAwMDBaMBMCAgDUFw05OTA4MjQwNzAwMDBaMAkGByqGSM4 4BAMDLw 
AwLAIUfmVSdjP-NHMXOfeWc-raDU2Gl1cfTOCFAJ6W7fVWxjBz4fvftok8yqDnDWhMQA- 
<4.11.bin 


***5.1.bin*** 


|* Example 5.1.bin 

>5.1.bin 

MIIBHgYJKoZIhvcNAQCDOIIBDzCCAQsCAQAxgcAwgbOCAQAwJ jASMRAwDgYDVQODEwdDYX 
| JSULNBAhBGNGvHgABWvBHTbi 7NXXHOMA0GCSqGSIb3DQEBAQUABIGAC3EN5nGIiJi21sGP 
| cP2iJ97a4e8kbKQz36zg6Z2i0yx6zYCAmZ7mX7FBs3IWg-f6KgCLx3M1eCbWx8-MDFbbpX 
| adCDg08/nUkUNYeNxJtuzubGgzoyEd8Ch4H/dd9gdzTd-4taTEgSOipdSJuNnkVY4/M652j 
| KKHRLF£02hosdR8wQwYJKoZIhvcNAQcBMBQGCCqGSIb3DOMHBAgtaMXpRwZRNYAgDsiSf8 
Z9PA3LrYA4OxUk660cullXeCSFOSOpOJ7FuVyU- 

«5.1.bin 
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***5.2.bin*** 


* Example 5.2.bin 

2D 2.Din 

|MIIBZQYJKoZIhvcNAQcDoIIBVjCCAVICAQIxggEAMIG9AgEAMCYwE jEQMA4GA1UEAxMHQ2 
[|FybFJTQOIQRjRrx4AAVrwRO24uzV1xODANBgkqhkiG9wOBAQEFAASBgJQmQo jGi7Z4IP+C 
| VypBmNFoCDoEp8 7kht gy f f2N4SmqD3RxPx+8hbLOt 9i 3YcMwcap+aiOkyqjMalTO3VUCOX 
|BOGv- HYI3HBZm/aFzxoq*YOXAWs5xlGerZwTOc9j6AYlK4qXvnztR5SQ8TBjlzytm4V7zg 
+TGrnGVNQBNw4 7Ewo j 4CAQQWDOOLTWE pbExpc3RSQz IwEAYLKoZIhvcNAQkQAwcCATOEGH 
CUr5MSJ/g9HnJVHsQ6X56VcwYbt*OfojTBJBgkqhkiG9wOBBwEwGgYIKOoZIhvcNAwIwDgIC 
Pu E 

49:2 Din 


***5.,3.eml*** 


* Example 5.3.eml 

>5.3.eml 

| TULNRS1WZXJzaW9uOiAxLjAKTWVzc2FnZS1JZDogPDAwMTAzMTEyMDA1MjAzLjAwMzQ5QG 
[FteWVtaWx5LmlnLmNvbTA4KRGFOZTogVHVlLCAzMSBPY3QgMjAwMCAxMjowMDo1MiAtMDYw 
| MCAoQ2VudHJhbCBTdGFuZGFyZCBUaW1lKQpGcm9tOiBVc2VyMQpUbzogVXNlcjIKU3Viam 
[VjdDogRXhhbXBsZSA1LjMKQ29udGVudClUeXBlOiBhcHBsaWNhdGlvbi9wa2NzNyltaWll 
uci uuu. 
OtVHJhbnNmZXItRW5jb2Rpbmc6IGJhc2U2NApDb250Z2W50LURpc3Bvc210aW9uOiBhdHRh 
| Y2ht ZW500yBmaWxlbmFtZT1zbWltZS5wN20KCk1JSUJIZ11KS29aSWh2YO5BUWNEbOlJQk 
| R600NBUXNDQVFBeGd jQXdnY jBDOVFBd0pqQVNNUKF 3RGdZRF ZRUURFd2REWVhKc1VsTkIK 
| QWhCRO5HdkhnQUJXdkJIVGJpN05 YWEHRTUEWRONTcUdTSWIzRFFFQKFRVUFCSUdBQzNFT 5 
| VuRO1pSmk ybHNHUGNOQMm1KOTdhNGU4awpiS1F6MzZ6ZzZaMmkweXg2el1DNG1aN21YNOZC 
CzNJV2crZjZLZONMeDNNMWVDYldA4OCtNREZiYnBYYWRDRGdPOC9uVWtVTlllTnhKCnRlen 
ViR2d6b3lFZDhDaDRIL2RkOWdkelRkK3RhVEVnUzBpcGRTSnVObmtWWTOvTTY1MmpLSOhS 
| TEZmMDJob3NkU jh3UXdZSkt vWkkKaHZ jTKFRY0JNQ1FHQONxRINJY jJNEUU1IQkFndGFNWH 
|BSd1pSTIl1BZORzaVNmOFo5UDQzTHJZNE94VWs2NjBjdTFsWGVDUOZPUO9wTwpKNOZ1VnlV 
| PQoK 

[«5.3.eml 


***6.0.bin*** 


|* Example 6.0.bin 

[»6.0.bin 

| MFAGCSqGSIb3DQEHBaBRME8CAQAwBwYFKw4DAhowKwYJKoZIhvcNAQcBoBA4EHFRoaXMgaX 
Mgc29tZSBzYWl1wbGUgY29udGVudCAEFEBq7AhSebpuFgItngYpwCKWh91I 

«6.0.bin 
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***7.1.bin*** 


* Example 7.1.bin 

>7.1.bin 

| MFCGCSqGSIb3DQEHBqBKMEgCAQAwQwY JKoZIhvcNAQcBMBQGCCqGSIb3DQMHBAiza2v7Yj 
|EIToAg*vzt2z8YFxO4iRHqNNYg2/TD2VgV75M7mvXXBPalcOI- 

|<7.1.bin 


***7.2.bin*** 


|* Example 7.2.bin 

|>7.2.bin 

| MIGVBgkqhkiG9wOBBwaggYcwgYQCAQIwQwYJKoZIhvcNAQcBMBQGCCqGSID3DQMHBAgHJy 
|CFkJ6wfoAg0iCPZOiKyOHkImhdvncFUibt4wG9AJFYpzVuvEuiBzOhOjA4BgMqqzMxMQOv 


| VGhpcyBpcyBhIHRlc3QgR2VuZXJhbCBBUO4gQXROcmlidXRlLCBudWliZXIgMS4- 
|<7.2.bin 
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